trailofbits-security

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides standard security auditing functionality using well-known tools (CodeQL, Semgrep) and reputable third-party rulesets.
  • [DATA_EXFILTRATION]: The skill explicitly mandates privacy-preserving configurations, such as the --metrics=off flag for Semgrep, to ensure that no code or telemetry is leaked during analysis.
  • [COMMAND_EXECUTION]: The skill uses local shell commands and scripts to orchestrate the analysis workflow. These commands are transparently documented and follow a strict 'approval gate' policy (Step 3 in Semgrep workflow) where the user must verify the plan before execution.
  • [SAFE]: Artifacts and results are isolated within managed output directories, preventing accidental data loss or clutter in the user's project workspace.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:17 PM