coderabbit-security-basics
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to improve security posture by providing hardened configuration for CodeRabbit. It correctly instructs the exclusion of sensitive file patterns like .env, .pem, and .tfstate from AI analysis.- [COMMAND_EXECUTION]: Step 4 contains a diagnostic script that uses python3 -c to audit the local configuration file. This script uses yaml.safe_load() to prevent unsafe deserialization and is a benign administrative tool.- [EXTERNAL_DOWNLOADS]: Documentation examples reference well-known GitHub Actions (actions/checkout@v4). These references are illustrative and target trusted infrastructure.- [PROMPT_INJECTION]: The skill provides instructions for the CodeRabbit AI via configuration. These instructions are context-appropriate and do not attempt to bypass system safety filters.
Audit Metadata