patcher

Pass

Audited by Gen Agent Trust Hub on Jun 9, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/check-patcher.mjs uses spawnSync to invoke standard ecosystem security tools such as npm audit, pip-audit, govulncheck, cargo audit, and trivy. This is a core functional requirement of the scanner.
  • [DATA_EXFILTRATION]: The scanning logic in scripts/check-patcher.mjs includes a routine to detect committed sensitive files like .env to alert the user of potential secret exposure. The script does not exfiltrate this data; findings are reported locally.
  • [REMOTE_CODE_EXECUTION]: The skill's instructions guide the agent to identify and remediate dangerous patterns such as curl | sh or wget | sh within the user's project to improve overall security posture.
  • [SAFE]: The skill follows established security best practices, uses trusted ecosystem tools, and provides clear verification playbooks. No obfuscation or malicious redirection patterns were detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 9, 2026, 03:43 PM