security-review
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE (DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data in the form of code changes and project files to be analyzed by an external model. This creates an indirect prompt injection surface where maliciously crafted code could contain instructions designed to deceive the security auditor. The skill includes sandbox configuration for the model interactions to mitigate potential risks.
- [DATA_EXFILTRATION]: The skill is configured to locate and read files that likely contain sensitive data, searching for keywords such as 'password', 'secret', 'token', and 'credential' within the project scope. This behavior is a core component of its auditing functionality (finding hardcoded secrets) and does not represent an exfiltration risk as no unauthorized external network requests were identified.
- [COMMAND_EXECUTION]: The skill uses local bash commands, including 'git diff', 'grep', and 'cat', to collect code context. These commands are restricted to the local development environment and are used to provide the necessary data for the OWASP security review workflow.
Audit Metadata