agent-security
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides defensive guardrails and security auditing functionality consistent with its stated purpose.
- [COMMAND_EXECUTION]: The
security-audit.mjsscript utilizes the Node.jschild_process.execSyncmodule to execute local system commands includingfind,git,lsof,chmod,fdesetup, andlsblk. These commands are used to inspect file permissions, git history, and system configurations for security vulnerabilities. - [DATA_EXPOSURE]: The skill scripts access sensitive filesystem locations (e.g.,
~/.ssh/,.envfiles, and wallet configuration paths) to verify they are properly secured. Findings are logged to the local terminal for the operator's review, and no network operations are present to exfiltrate this data.
Audit Metadata