bloat-detector
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local codebase analysis using standard shell tools (Bash, Grep, Glob) to identify large files, stale code, and duplicated blocks.
- [SAFE]: External static analysis tool integrations (e.g., Vulture, Knip, autoflake) target well-known open-source packages from official registries and are used for their intended diagnostic purposes.
- [SAFE]: The skill implements safety protocols such as 'Never auto-delete' and dry-run previews, ensuring that all proposed remediations are reviewed and approved by the user.
- [SAFE]: Git history analysis (staleness detection, churn metrics) uses standard Git commands to evaluate file activity without exfiltrating metadata or accessing sensitive credentials.
- [SAFE]: Logic for detecting AI-generated patterns and documentation verbosity is based on local heuristics (e.g., word density, duplication ratios) and does not involve execution of untrusted code or remote processing.