Skills
skills/a2f0/tearleads/preen-api-security/Gen Agent Trust Hub

preen-api-security

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses ripgrep (rg) to search the local codebase for security vulnerabilities and patterns.
  • [COMMAND_EXECUTION]: It executes local project scripts using pnpm for validation tasks like typechecking, linting, and testing.
  • [COMMAND_EXECUTION]: It invokes Git-related commands for committing and merging security fixes.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it audits untrusted codebase content which could influence the agent's remediation logic. Evidence Chain: 1. Ingestion points: ripgrep output from packages/api/src/routes. 2. Boundary markers: Absent. 3. Capability inventory: File modification, subprocess execution (pnpm test), and Git operations. 4. Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:13 PM