ast-grep
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides instructions for the agent to execute the
ast-grepCLI. These commands are standard for structural code searching and are confined to the tool's intended use case of local codebase analysis. - [DATA_EXPOSURE] (SAFE): Although the tool is designed to search through source code, the skill does not include any patterns for exfiltrating data, accessing sensitive system files (like SSH keys), or sending results to external servers.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill does not instruct the agent to download any external scripts, binaries, or packages. It assumes the
ast-greptool is already available in the environment. - [PROMPT_INJECTION] (SAFE): The instructions are clear and focused on providing a developer workflow. There are no attempts to override system prompts, bypass safety filters, or use adversarial role-play.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill involves processing natural language to generate search rules, the output is restricted to
ast-greppatterns and local test files. The inclusion of instructions to escape metavariables ($VAR) for shell safety demonstrates a proactive approach to preventing common injection issues in command-line tools.
Audit Metadata