ast-grep-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override agent behavior, bypass safety filters, or extract system prompts were found.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive file paths or perform network operations to non-whitelisted domains.
- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No references to external package managers or remote scripts were detected.
- [Privilege Escalation] (SAFE): No commands for elevating user privileges or modifying system-level configurations are present.
- [Persistence Mechanisms] (SAFE): No attempts to create scheduled tasks, modify shell profiles, or install services were found.
- [Metadata Poisoning] (SAFE): Metadata fields are descriptive and consistent with the content of the skill.
- [Indirect Prompt Injection] (SAFE): The skill does not process external or untrusted data; it is a static reference guide.
- [Time-Delayed / Conditional Attacks] (SAFE): No conditional logic or time-gated behaviors were detected.
- [Dynamic Execution] (SAFE): No patterns for runtime code generation or unsafe deserialization were identified.
Audit Metadata