auth-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill uses
grepandfindto detect the project environment. These are read-only operations targeting local metadata (package.jsonand directory structure) to provide context-aware recommendations. They do not execute external code or modify the system. - DATA_EXPOSURE (SAFE): No evidence of credential leakage or unauthorized data exfiltration was found. The code templates correctly demonstrate best practices by using environment variables (
process.env) for secrets rather than hardcoding them. - REMOTE_CODE_EXECUTION (SAFE): The skill does not perform any network operations, download external scripts, or execute untrusted code.
- PROMPT_INJECTION (SAFE): No patterns of prompt injection, role-play overrides, or instructions to bypass safety filters were detected in the skill body or metadata.
Audit Metadata