api-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure] (SAFE): The provided
api_validator.pyscript reads local files based on a user-provided path. It does not access sensitive system paths (e.g., credentials, SSH keys) and does not transmit any data over the network. - [Unverifiable Dependencies] (SAFE): The Python script uses only standard libraries (
sys,json,re,pathlib). No external package installations or remote script executions are performed. - [Indirect Prompt Injection] (INFO): The skill processes external content (source code files) via the validator script. While this is an ingestion point, the skill only performs read-only operations and reports findings to the agent/user, posing negligible risk.
- [Command Execution] (SAFE): No arbitrary command execution or shell injection vectors were found. The script uses safe file system operations through the
pathlibmodule.
Audit Metadata