web-app-security-audit
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use grep, glob, curl, and package auditing tools. These are used strictly for identifying vulnerabilities and checking security headers in the user-specified project.
- [PROMPT_INJECTION]: The skill contains complex prompts for sub-agents to analyze specific security layers. These prompts are functional and do not attempt to override system safety constraints.
- [SAFE]: The skill processes untrusted code files for auditing. While this represents a surface for indirect prompt injection, the skill's operational scope is limited to reading files and producing documentation, and the instructions provide a clear, deterministic workflow that reduces the risk of unintended behavior.
Audit Metadata