ln-761-secret-scanner
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The workflow visualization in diagram.html fetches the Mermaid.js library from the well-known JSDelivr CDN. This is a standard and safe practice for rendering diagrams.
- [COMMAND_EXECUTION]: To perform its primary function of secret scanning, the skill instructs the agent to execute local security tools such as gitleaks or trufflehog. It also provides a fallback to manual pattern matching using standard system utilities. These operations are essential for the skill's purpose and are conducted within the local environment.
- [NO_CODE]: The skill package does not contain executable scripts (e.g., Python or JavaScript files). It relies on markdown instructions, regex patterns in documentation, and configuration templates to guide the agent in using external system tools.
- [SAFE]: The skill's design prioritizes security by explicitly mandating the redaction of actual secret values in all generated reports and logs. This prevents accidental data exposure during the scanning process.
Audit Metadata