web-app-security-audit
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains no malicious code, obfuscation, or unauthorized data exfiltration patterns. Its instructions are consistent with established penetration testing methodologies.
- [COMMAND_EXECUTION]: The skill utilizes standard diagnostic commands such as
grep,curl, andnmapto perform auditing tasks. These tools are used solely for identifying vulnerabilities in a target application's codebase and running environment. - [PROMPT_INJECTION]: The skill includes instructions for the agent to process untrusted data from the application under audit.
- Ingestion points: The agent reads local source code files (via
grep) and interacts with external endpoints (viacurl). - Boundary markers: No specific delimiters are enforced for audited content.
- Capability inventory: The agent has access to file system searching, network interaction, and vulnerability scanning utilities.
- Sanitization: No explicit sanitization is performed on audited data, as the content is evaluated for security reporting purposes rather than automated execution.
Audit Metadata