codebase-search
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional. It provides guidance on using standard developer tools (Grep, Glob, Bash, Git) to navigate codebases.
- [COMMAND_EXECUTION]: While the skill contains many
grepandbashexamples, these are provided as educational templates for the user to execute manually or for the agent to use within its allowed toolset for legitimate codebase analysis. There are no automated malicious commands or shell injections. - [DATA_EXFILTRATION]: No network calls or data exfiltration patterns were detected. The search patterns for sensitive strings like 'API_KEY' or 'process.env' are clearly intended for code auditing and finding configuration within a project, not for sending that data to a third party.
- [PROMPT_INJECTION]: No attempts to override system prompts, bypass safety filters, or use 'Ignore previous instructions' patterns were found.
Audit Metadata