ai-workflow-red-team-lite
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for local security auditing. Its primary component is a Python script that analyzes provided input files or directories to identify security vulnerabilities such as exposed secrets or dangerous shell command patterns.
- [COMMAND_EXECUTION]: The skill facilitates the execution of a local script, scripts/run.py. This script is used to automate the auditing process. Analysis of the source code confirms it uses only Python standard libraries and performs no dangerous subprocess calls or shell evaluations.
- [DATA_EXPOSURE]: The script includes logic to detect hardcoded credentials (API keys and tokens). Importantly, it implements a masking mechanism (re.sub) to truncate and obscure these secrets in the generated reports, preventing accidental data exposure.
- [SAFE]: No network activity, obfuscation, persistence mechanisms, or unauthorized privilege escalations were detected. The skill follows the principle of least privilege by operating as a read-only auditor that generates reports on the local filesystem.
Audit Metadata