find-bugs
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes standard developer tools, specifically git and gh (GitHub CLI), to identify code changes. The command gh repo view --json defaultBranchRef --jq '.defaultBranchRef.name' is a safe, read-only operation used to programmatically determine the repository's default branch name for comparison.
- [SAFE]: The instructions implement a structured security review methodology, including attack surface mapping and a comprehensive security checklist covering common vulnerabilities like injection, XSS, and broken access control.
- [SAFE]: No evidence of data exfiltration, remote code execution, or credential harvesting was found. The skill operates on local filesystem data and reports its findings directly to the user.
- [SAFE]: The skill explicitly instructs the agent to report findings rather than making changes to the code, maintaining user control over the environment.
Audit Metadata