core-engineering
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents defensive engineering practices, including hardcoded secret detection, input validation, and dependency auditing.
- [SAFE]: Instructions explicitly mandate human-in-the-loop validation for critical operations, such as Git commits, reducing the risk of autonomous malicious actions.
- [SAFE]: The tooling recommendations include established security scanners such as pip-audit, ggshield, and gitleaks, which promote a secure development lifecycle.
- [SAFE]: Guidance for code review specifically includes checks for OWASP Top 10 vulnerabilities and secure logging policies.
Audit Metadata