security-checklist
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALNO_CODE
Full Analysis
- SAFE (SAFE): The skill consists solely of a markdown checklist. No malicious patterns, obfuscation, or data exfiltration vectors were identified within the provided file.
- NO_CODE (SAFE): This skill contains no executable scripts or functions; it is a purely informational resource for developers and auditors.
- EXTERNAL_DOWNLOADS (SAFE): While the checklist mentions standard security tools such as npm audit and pip-audit for manual auditing, it does not include instructions to download or execute these tools automatically.
- PROMPT_INJECTION (SAFE): There are no instructions designed to manipulate agent behavior, override system prompts, or bypass safety guidelines.
- Note on Automated Scan: The scanner alert for 'logger.info' is identified as a false positive. This string is not present in the skill content, and even as a code pattern, it represents a standard logging function rather than a malicious URL.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata