github-codeowners-management
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill and its associated script were found to be free of malicious patterns, obfuscation, or safety bypass attempts.
- [COMMAND_EXECUTION]: The skill uses a local Python script (
scripts/lint_codeowners.py) for linting CODEOWNERS files. The script relies solely on the Python standard library and performs safe string-based analysis without executing or evaluating the content of the files it reads. - [INDIRECT_PROMPT_INJECTION]: While the skill ingests repository data (the CODEOWNERS file), it lacks an exploitable capability surface. The Python script performs static validation and does not interact with the network or shell in a way that could be manipulated by the file content.
- [DATA_EXPOSURE]: The skill's scope is restricted to repository configuration files. No attempts to access sensitive system paths (like SSH keys or AWS credentials) or environment variables were identified.
Audit Metadata