java-file-audit
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of documentation and instructions for auditing Java code for file-related security issues such as arbitrary file upload, read, and write vulnerabilities.
- [SAFE]: No remote code execution or package installation patterns were identified. All scripts and references are internal to the skill package.
- [SAFE]: No obfuscation techniques or hidden URLs were found in the provided files. Decoded patterns for directory traversal (e.g., %2e%2e%2f) are correctly identified as attack vectors to look for during an audit, not as part of the skill's own execution.
- [SAFE]: The skill does not attempt to access sensitive system files or exfiltrate data. It defines local variables for demonstration purposes consistent with security auditing workflows.
- [SAFE]: Prompt injection patterns were not detected. The instructional language used (e.g., 'IMPORTANT', 'Critical-High') is part of the security auditing framework provided to the agent and does not attempt to bypass core safety constraints.
Audit Metadata