security-watch
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious intent or suspicious patterns were found in the skill. The logic is consistent with the stated purpose of providing a security 'watch' mode for file operations.
- [SAFE]: The shell script uses regular expressions to scan content for sensitive data (e.g., AWS keys, OpenAI tokens) and insecure coding practices (e.g., eval, innerHTML). These operations are read-only and occur locally within the environment.
- [SAFE]: No network connectivity, external data exfiltration, or remote code execution vectors were identified. The script does not use curl, wget, or any other networking tools.
- [SAFE]: There are no attempts to acquire elevated privileges or establish persistence on the system.
- [SAFE]: The ingestion of file content for scanning is handled safely using grep for pattern matching, which does not involve executing the untrusted data.