security-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of Markdown files providing security audit checklists and best practices.
- [NO_CODE] (SAFE): No executable scripts or automation logic are included in the skill. All code snippets in 'owasp-top-10.md' and 'vulnerability-patterns.md' are provided for educational and code-review training purposes only.
- [CREDENTIALS_UNSAFE] (SAFE): While 'vulnerability-patterns.md' contains example hardcoded secrets (e.g., 'sk_live_abc123xyz'), these are clearly labeled as 'BAD' patterns in a defensive programming context and pose no risk.
- [EXTERNAL_DOWNLOADS] (SAFE): References to external security tools like Snyk or npm audit are instructional and do not involve automated execution or unverified remote downloads.