full-audit
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes industry-standard security scanners (e.g., semgrep, gitleaks, npm audit, trivy) via bash commands to identify vulnerabilities. This is the primary intended function of the skill for performing security assessments.
- [COMMAND_EXECUTION]: Uses git ls-files to resolve the audit scope, ensuring only tracked files are processed during the scanner and subagent analysis phases.
- [SAFE]: Implements a complex orchestration logic that launches multiple framework-specific subagents in parallel to perform specialized security reviews (OWASP, STRIDE, PASTA, LINDDUN).
- [SAFE]: Automatically assembles a detailed security report from the findings of individual scanners and subagents, following a pre-defined reporting schema and maintaining local state for session tracking.
Audit Metadata