analyze
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation and the accompanying Python script (scripts/analyze.py) do not contain any malicious patterns such as prompt injection, credential theft, or unauthorized data access.
- [SAFE]: The Python script is a local utility that uses only standard libraries (argparse, sys) to manage the state of a multi-step analysis process. It does not perform network operations, file modifications, or dynamic code execution.
- [SAFE]: The workflow incorporates security best practices by requiring the agent to provide file-level evidence (file:line) and quoted code for all findings, which facilitates human verification of the analysis results.
- [SAFE]: While the skill involves reading untrusted codebase data (Category 8 surface), the structured workflow and the 'Verification' phase serve as built-in mitigations against accidental obedience to instructions found within analyzed files.
Audit Metadata