pre-commit-manager
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Input validation is performed on template names using a strict whitelist, which prevents path traversal and arbitrary file manipulation.
- [COMMAND_EXECUTION]: The skill executes external tools like 'pre-commit' and 'detect-secrets' using subprocess.run with list arguments and shell=False (default), effectively preventing command injection vulnerabilities.
- [SAFE]: External URLs included in the generated configuration templates refer to well-known and reputable official repositories on GitHub.
Audit Metadata