static-code-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a shell script `scripts/security-checklist.sh` that generates a security checklist file. Additionally, the `SecurityScanner` class in `references/security-scanning.md` uses `child_process.exec` to execute the `npm audit` command, which is a standard procedure for identifying vulnerabilities in Node.js dependencies.
- [EXTERNAL_DOWNLOADS]: The `references/pre-commit-hooks.md` and `references/sonarqube-integration.md` files reference external resources from well-known and trusted organizations, including GitHub repositories for `pre-commit`, `PyCQA`, `psf`, `trufflesecurity`, and `sonarsource`. These references are standard for the intended use of the skill.
Audit Metadata