semgrep-rule-creator
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The instructions are focused on technical rule creation and do not contain patterns aimed at overriding agent safety guidelines or bypassing instructions.
- [DATA_EXFILTRATION]: No access to sensitive file paths (e.g., SSH keys, credentials) or unauthorized network transmissions were found. Network usage is confined to reading official Semgrep documentation.
- [REMOTE_CODE_EXECUTION]: The skill uses the Bash tool to execute the semgrep CLI for rule validation and testing, which is expected and safe behavior for its defined purpose.
- [COMMAND_EXECUTION]: File system operations (Read, Write, Edit) are used appropriately to manage Semgrep rule and test files within the user's workspace.
Audit Metadata