cve-validation
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks detected in the skill instructions or workflow.
- [EXTERNAL_DOWNLOADS]: The skill retrieves CVE metadata from official Red Hat services (console.redhat.com and access.redhat.com) via the lightspeed-mcp server. These are well-known technology service domains and are considered safe.
- [PROMPT_INJECTION]: Operational constraints are used to ensure the agent follows the intended workflow, which do not constitute malicious injection or safety bypasses.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or sensitive local file exposures were identified; environment variables are correctly used for sensitive configuration.
Audit Metadata