variant-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill contains no evidence of malicious behavior, obfuscation, or unauthorized data exfiltration. It is a well-documented resource for security researchers.
- [COMMAND_EXECUTION]: The skill utilizes established command-line tools for static analysis, including CodeQL, Semgrep, and grep, which are used locally and appropriately for their intended defensive purpose.
- [PROMPT_INJECTION]: While the skill analyzes external source code—creating a theoretical surface for indirect prompt injection—no active vulnerabilities or malicious interpolation patterns were identified within the skill's instructions.
Audit Metadata