security-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses run_command to execute standard security auditing tools.
  • Evidence: Usage of npm audit, pip audit, npx eslint --rule security, and npx gitleaks detect --source ..
  • [PROMPT_INJECTION]: The skill processes untrusted code files, creating a surface for indirect prompt injection.
  • Ingestion points: External source code files read via read_file and grep.
  • Boundary markers: Absent; there are no instructions to the agent to distinguish between code to be analyzed and instructions to be followed.
  • Capability inventory: The skill can execute shell commands (run_command), modify files (edit_file), and read files (read_file).
  • Sanitization: Absent; the skill lacks mechanisms to sanitize or validate the content of the ingested files before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 3, 2026, 08:49 AM