ast-grep
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill provides templates for local execution of the ast-grep CLI tool. No administrative privileges or network requests are involved.
- PROMPT_INJECTION (LOW): The skill enables processing untrusted external code, creating an indirect prompt injection surface (Category 8). Evidence: 1. Ingestion points: Local codebase files; 2. Boundary markers: None; 3. Capability inventory: ast-grep CLI execution; 4. Sanitization: Guidance on escaping shell metavariables is provided.
- NO_CODE (SAFE): This skill contains only documentation and instructions and does not include any executable scripts or binary files.
Audit Metadata