api-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes a local script (
scripts/audit.js) to perform its primary function. The script is minimal and performs a single network operation as intended. - [EXTERNAL_DOWNLOADS] (SAFE): The script makes a network request to a URL supplied by the user at runtime. This behavior is consistent with the skill's stated purpose of auditing API endpoints. While any tool allowing arbitrary URL requests carries a nominal SSRF (Server-Side Request Forgery) risk, it is functionally required for this task.
- [DATA_EXFILTRATION] (SAFE): No access to sensitive files, environment variables, or hardcoded credentials was detected. The script only communicates with the target URL provided by the user.
Audit Metadata