coding-guidelines-gen
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill is designed to assist in project setup by proposing or executing standard formatting and linting commands (e.g., Ruff, Spotless). These actions are consistent with the primary purpose of a 'coding guidelines generator' and are mediated by user confirmation.
- [INDIRECT_PROMPT_INJECTION] (SAFE): Although the skill ingests data from the local file system via a scanning script, the attack surface is minimal. The scanner only recognizes a hardcoded whitelist of specific configuration filenames (MARKERS) and does not parse the content of those files in a way that would allow for command injection or agent subversion.
- [DATA_EXPOSURE] (SAFE): The provided Python script (scan_modules.py) identifies project module roots but explicitly excludes sensitive directories such as .git, .ssh, and credentials-related paths. No network operations or external data transfers are present in the skill's scripts or instructions.
Audit Metadata