security-audit
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill suggests using `bunx audit` and `grep` for static analysis. These are standard development tools used here for their intended purpose of auditing dependencies and searching for secret patterns.
- [EXTERNAL_DOWNLOADS] (INFO): The skill references a local file (`references/CHECKLIST.md`) for auditing criteria. No external or untrusted remote downloads are initiated.
- [PROMPT_INJECTION] (INFO): No patterns of direct prompt injection or bypass attempts were found. While the skill's purpose is to process external code (Category 8 surface), it lacks the high-privilege capabilities (like file-write or network-send) that would make Indirect Prompt Injection a significant threat.
Audit Metadata