security-bounty-hunter
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [SAFE]: The skill is a set of instructional guidelines for security auditing and bug bounty hunting. It does not contain executable code, hidden payloads, or suspicious network requests. All recommended practices align with standard security research methodologies.
- [COMMAND_EXECUTION]: The skill includes an example command utilizing 'semgrep', a well-known security tool, for code analysis. This is a standard practice for the skill's stated purpose of vulnerability discovery.
- [EXTERNAL_DOWNLOADS]: The suggested semgrep command uses the '--config=auto' flag, which fetches analysis rules from the official Semgrep registry. This is standard and expected functionality for the tool.
- [NO_CODE]: No executable script files are included with this skill; it consists entirely of documentation and instructions for the agent to follow.
Audit Metadata