senior-fullstack
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- General Security (SAFE): No malicious patterns or security risks were identified across any of the 10 threat categories.
- Data Handling (SAFE): The included scripts (
code_quality_analyzer.py,fullstack_scaffolder.py, andproject_scaffolder.py) are placeholder templates. They perform basic path validation using thepathliblibrary but do not read file contents, access sensitive system paths, or initiate network connections. - Dependencies (SAFE): The
SKILL.mdfile contains standard setup instructions involvingnpm installandpip install, but no external package manifest files (likepackage.jsonorrequirements.txt) were provided for analysis. No remote script execution patterns (e.g., piped bash commands) were found. - Indirect Prompt Injection (SAFE): While the scripts are designed to target user-specified directories, the current implementation does not process the content of those files, eliminating the surface for indirect prompt injection at the script level.
Audit Metadata