senior-fullstack
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill's documentation or scripts.
- [COMMAND_EXECUTION]: The skill utilizes local Python scripts (
project_scaffolder.pyandcode_quality_analyzer.py) to automate development tasks. These scripts are limited to filesystem operations, such as creating directories and writing hardcoded template files, and do not execute arbitrary shell commands or untrusted code. - [DATA_EXFILTRATION]: There is no evidence of network activity or data exfiltration. The code quality analyzer reads local files to identify security patterns (like hardcoded secrets or SQL injection) and outputs findings locally to the user's console or a JSON file.
- [PROMPT_INJECTION]: The trigger phrases and instructions in
SKILL.mdare consistent with the skill's utility and do not attempt to bypass AI safety filters or override system instructions. - [REMOTE_CODE_EXECUTION]: The skill does not perform any remote downloads or execute code from external sources. All project templates and analysis rules are contained within the skill's local files.
Audit Metadata