skills/salavender/antigravity-compound-engineering-plugin/standard-security-auth/Gen Agent Trust Hub
standard-security-auth
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill includes a shell command in the 'Instrumentation' section to execute a local script
./scripts/log-skill.shfor logging usage. This is a standard operational practice and does not involve remote code or untrusted sources. - [DATA_EXFILTRATION] (SAFE): No patterns of data exposure or network exfiltration were found. The skill correctly recommends using environment variables for sensitive configuration.
- [PROMPT_INJECTION] (SAFE): There are no attempts to override agent instructions, bypass safety filters, or extract system prompts.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process external code files (e.g., middleware.ts). While this creates an ingestion point for untrusted data, the skill's lack of automated write or network capabilities minimizes the risk of indirect injection attacks.
Audit Metadata