semgrep
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of comprehensive documentation for using the Semgrep static analysis tool. No malicious code, obfuscation, or data exfiltration patterns were detected.
- [EXTERNAL_DOWNLOADS]: The skill correctly directs users to official and well-known sources for software installation (Python's pip, Homebrew) and rulesets (Semgrep Registry, Trail of Bits).
- [COMMAND_EXECUTION]: The skill facilitates the execution of the semgrep command-line utility. This is the intended primary function and is documented with appropriate safety guidelines, such as using .semgrepignore and testing rules before deployment.
- [PROMPT_INJECTION]: Analysis of the skill instructions and metadata revealed no attempts to bypass safety filters or override agent behavior.
Audit Metadata