skill-security-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats detected. The skill's implementation aligns with its purpose as a security tool and follows safe development practices.
- [COMMAND_EXECUTION]: The skill uses the subprocess module to clone git repositories for analysis. It correctly uses list-based arguments without a shell (shell=False), which prevents command injection vulnerabilities.
- [EXTERNAL_DOWNLOADS]: The skill downloads content from external git repositories as a core feature. This operation is initiated by user input and uses standard system tools to fetch analysis targets.
- [PROMPT_INJECTION]: The skill processes untrusted external data (files from target skills) for auditing purposes. While it possesses an indirect prompt injection surface due to its ability to ingest untrusted content and perform command execution (cloning), the risk is minimal as the content is only scanned statically and not executed.
- Ingestion points: scripts/skill_security_auditor.py (reads skill files and clones git repositories).
- Boundary markers: None identified in the processing logic.
- Capability inventory: subprocess.run (used for cloning git repositories).
- Sanitization: External content is matched against static regex patterns for detection; no dynamic interpolation into executable code was found.
Audit Metadata