soc-security-skills
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill suite implements a robust security model, including mandatory 'Scope Constraints' and 'Input Sanitization' sections in every specialist skill. These instructions effectively guide the AI agent to mitigate common vulnerabilities like path traversal and command injection.
- [PROMPT_INJECTION]: No evidence of prompt injection or instructions to override safety filters was found. The instructions maintain a professional, technical tone focused on security analysis methodologies like STRIDE and JIL.
- [DATA_EXFILTRATION]: Specialist skills are restricted to read-only operations within the project directory. The kernel security analysis explicitly warns the agent to 'assess, do not access' sensitive system paths like /dev/mem.
- [EXTERNAL_DOWNLOADS]: The installation script (install.sh) correctly identifies the author's GitHub repository (github.com/dtsong/soc-security-skills) as the source for components. Per vendor context rules, this is considered a safe and legitimate resource.
- [COMMAND_EXECUTION]: The package includes a comprehensive security specification (SKILL-SECURITY-SPEC.md) and pre-commit hooks that scan for dangerous commands and sensitive paths, demonstrating a high degree of security awareness and self-regulation.
Audit Metadata