skills/jackkkonggg/skills/code-audit/Gen Agent Trust Hub

code-audit

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a structured multi-phase workflow (Detect, Load Context, Evaluate, Report, Fix) that ensures systematic analysis rather than reactive behavior.
  • [SAFE]: Data access is limited to reading the targeted codebase for audit purposes and scanning sibling skill directories to load relevant local rules for detected technologies.
  • [SAFE]: The skill explicitly instructs the agent to search for security vulnerabilities, including hardcoded secrets and injection patterns, acting as a defensive security tool.
  • [SAFE]: The 'Audit and fix' capability is protected by a mandatory human-in-the-loop control, requiring the agent to present findings and receive explicit user authorization before any file modifications are performed.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the codebase being audited, creating a surface for indirect prompt injection. However, this is mitigated by strict workflow enforcement and the requirement for user approval before taking action.
    ◦ Ingestion points: Target codebase source files and dependency manifests; sibling skill configuration files.
    ◦ Boundary markers: The skill uses structured report segments and headers to separate analysis from output.
    ◦ Capability inventory: MCP tool execution (resolve-library-id, query-docs), file reading across the codebase and sibling skills, and file writing (for approved fixes).
    ◦ Sanitization: All automated fixes require prior human review and explicit confirmation of the audit report.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 11:36 AM