lint
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the 'Bash' tool to execute project-specific commands via 'hatch'. These commands (e.g., 'hatch run lint:fmt') are standard developer workflows for formatting and linting code within the repository and do not exhibit malicious intent.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote scripts, external binaries, or unverifiable packages are downloaded or executed. The skill relies entirely on the local environment's 'hatch' configuration.
- [PROMPT_INJECTION] (SAFE): The markdown content contains clear, instructional language for the agent without any attempts to bypass safety filters, extract system prompts, or override core behavior.
- [DATA_EXFILTRATION] (SAFE): There are no hardcoded credentials, access to sensitive system paths (like SSH keys), or network calls to external domains. The 'security' linting feature (Bandit) is a defensive tool used to identify vulnerabilities in the code itself.
Audit Metadata