Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/secret-scanner/Gen Agent Trust Hub

secret-scanner

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [No Code] (SAFE): The skill consists entirely of a markdown definition file (SKILL.md) with no accompanying executable code, scripts, or binary files. No malicious behavioral patterns were detected.- [Indirect Prompt Injection] (LOW): As a secret scanner, the skill is designed to ingest and process external, potentially untrusted data. This creates a surface for indirect prompt injection, although no specific vulnerable implementation logic is provided within the skill itself.
  • Ingestion points: Files or code blocks processed via the Read and Grep tools.
  • Boundary markers: Absent from the skill definition.
  • Capability inventory: Access to Read, Write, Grep, and Bash tools.
  • Sanitization: No evidence of sanitization or content filtering is provided in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:08 PM