GitHub Push
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION] (SAFE): The script scans local file content for secrets using regex patterns but does not transmit any data externally. All operations remain local to the user's environment.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns of remote code execution or external script fetching. The skill relies on a local bash script for its scanning logic.
- [COMMAND_EXECUTION] (SAFE): The skill uses standard, expected system commands (
git,grep,file) to perform repository scanning and file type identification. - [PROMPT_INJECTION] (LOW): The skill processes file content (untrusted data) from the repository to detect secrets (Category 8). While this data is presented to the agent, the risk is minimal as the script only identifies matching patterns and does not execute the data itself.
Audit Metadata