security-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill contains a comprehensive 'Command Blacklist' in references/command-blacklist.md that includes destructive patterns such as fork bombs (:(){ :|:& };:), reverse shells (nc -e /bin/sh), and system-wide deletions (rm -rf /). These strings are used exclusively as detection patterns for the auditor's blacklist and do not represent executable code within the skill itself.
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection attack surface because it is designed to ingest and parse third-party SKILL.md files. Although it lacks explicit boundary markers to isolate the analyzed content from the auditor's own instructions, this is a known risk factor associated with its primary function as a security analysis tool.
- [EXTERNAL_DOWNLOADS]: The skill defines rigorous rules for network access in references/api-whitelist.md. It enforces HTTPS, SSL verification, and timeouts while explicitly blacklisting high-risk domains such as Pastebin and Tor hidden services.
- [SAFE]: No executable scripts, hardcoded credentials, or obfuscated payloads were detected. The skill is composed of metadata, configuration files, and instructional markdown that guide an AI agent in performing defensive security tasks.
Audit Metadata