ast-grep
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation for using the
ast-grepCLI tool for structural code analysis. - [SAFE]: All command examples provided (e.g.,
ast-grep scan,ast-grep run) are intended for local execution on the user's codebase and do not involve fetching or executing code from untrusted remote sources. - [SAFE]: No evidence of prompt injection, data exfiltration, or obfuscation was found in the provided files. The instructions include helpful safety warnings regarding shell escaping when using metavariables in the CLI.
Audit Metadata