security-audit
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to search for and read sensitive information, such as hardcoded credentials, API keys, and authentication logic, as a core part of its security audit functionality. This behavior is restricted to local analysis for report generation.
- [COMMAND_EXECUTION]: Employs shell commands via `bash` to interact with the project repository, using `git` to identify changes in pull requests and `grep` to scan for vulnerability patterns in code files.
- [PROMPT_INJECTION]: The skill processes untrusted data by reading source code files from the repository. This creates a surface for indirect prompt injection, as malicious instructions embedded within the analyzed code (e.g., in comments or string literals) could theoretically influence the agent's behavior during the audit process.
  - Ingestion points: Reads PHP, JavaScript, TypeScript, and SQL files from the local filesystem.
  - Boundary markers: None explicitly defined in the task prompt for the security-specialist sub-agent.
  - Capability inventory: File system access (Read/Write), shell command execution (git/grep), and task delegation to other agents.
  - Sanitization: No specific sanitization or filtering of the ingested code content is described.
Audit Metadata