auditing-pre-release-security
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Command Execution (SAFE): Employs standard developer tools like
gitandyarnto analyze repository state. These operations are essential to the primary function of auditing. - External Downloads (SAFE): Performs
yarn installusing--immutableor--frozen-lockfile, which restricts external communication to fetching verified dependencies from a lockfile. - Data Exposure & Exfiltration (SAFE): Explicitly forbids the inclusion of sensitive data (private keys, tokens, mnemonics) in the generated reports and recommends redacting command logs.
- Indirect Prompt Injection (LOW): The skill processes untrusted source code and dependency metadata which could contain malicious instructions. 1. Ingestion points: Git diffs and
node_modulesfile contents (SKILL.md Step B, F, G). 2. Boundary markers: Strict Chinese language output and specific Markdown report structures. 3. Capability inventory: File system access, shell execution (git,yarn), and network access via package managers. 4. Sanitization: Explicit rules for redacting secrets and limiting the length of code snippets.
Audit Metadata