security-audit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is defensive security auditing. The instructions are professional and focus on identifying risks in other codebases through deep static analysis.
- [COMMAND_EXECUTION]: Includes a helper script
scripts/rg-hotspots.shwhich utilizes theripgrep(rg) tool to scan directories for security-sensitive API calls and patterns. This is a standard utility for security auditing and is used safely here. - [PROMPT_INJECTION]: No evidence of prompt injection or attempts to bypass AI safety guardrails. The instructions establish a rigorous, evidence-based security persona.
- [EXTERNAL_DOWNLOADS]: The skill does not perform any external downloads or execute remote scripts.
Audit Metadata