code-analyze
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious behaviors or security risks were identified. The skill follows best practices for a diagnostic and analysis utility.
- COMMAND_EXECUTION (SAFE): The
analyze.shscript executes standard development tools (dotnet,pre-commit) to perform its stated functions. These operations are limited to the local repository context. - EXTERNAL_DOWNLOADS (LOW): The skill performs dependency vulnerability checks which involve querying official NuGet advisory databases via the
dotnet list packagecommand. This is a trusted operation for the intended use case. - DATA_EXPOSURE (SAFE): While the skill scans for secrets (Gitleaks/detect-secrets), it does so to report them to the user, not to exfiltrate them. No network exfiltration patterns were found.
Audit Metadata