aurora-origin-merge
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No security issues detected. The skill performs legitimate development tasks and follows a defined merge logic that preserves custom code.
- [COMMAND_EXECUTION]: In SKILL.md, the skill uses bash to run git, fd, rm, and npx commands. These are standard tools for managing and merging code in a development environment and their usage here is restricted to the local project context.
- [DATA_EXFILTRATION]: No network activity or hardcoded credentials were found. The skill only interacts with local files and uses /tmp/ for temporary diffing operations.
Audit Metadata