security-ownership-map
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The script
scripts/run_ownership_map.pyusessubprocess.runwith an argument list. This is a secure implementation that prevents shell injection attacks as it avoids the use ofshell=True. - [EXTERNAL_DOWNLOADS] (SAFE): The skill identifies
networkxas a dependency.networkxis a widely-used, reputable library for complex network analysis and is considered a safe dependency. - [DATA_EXFILTRATION] (SAFE): The skill operates on local git repositories and outputs results to a local directory (
ownership-map-out). There are no network calls or attempts to access sensitive system files like SSH keys or environment variables. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted data from git logs (author names, commit messages, file paths).
- Ingestion points: Git repository metadata via
scripts/run_ownership_map.pyand its resulting CSV/JSON files. - Boundary markers: Absent. The data is converted to structured CSV/JSON but lacks specific instructions for the LLM to ignore embedded commands in field values.
- Capability inventory: Subprocess execution for git analysis and file writing for CSV/JSON generation.
- Sanitization: No sanitization of git metadata (e.g., author names) is performed before it is written to the output artifacts that the agent will eventually read.
Audit Metadata