sast-config
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes restricted tools (
Read,Grep,Glob) to perform static analysis on local configuration files. No shell access or network communication tools are permitted in the skill configuration. - [SAFE]: A 'Prompt Injection Safety Notice' is included, which explicitly instructs the agent to treat all processed configuration data as untrusted and to ignore any instructions found within analyzed files, mitigating indirect prompt injection risks.
- [SAFE]: All external URLs point to official documentation and registries for established security tools and frameworks such as OWASP, MITRE, Semgrep, and CodeQL.
- [SAFE]: The skill defines a process for security assessment without introducing dangerous execution patterns, persistence mechanisms, or credential exposure.
Audit Metadata