skills/seqis/openclaw-skills-converted-from-claude-code/agent-security-specialist/Gen Agent Trust Hub
agent-security-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents several common security tools (npm audit, safety, trivy, semgrep, truffleHog) for manual execution by a user during a security review. These are standard industry tools for vulnerability scanning and are provided here as educational methodology rather than automated scripts.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill mentions sensitive file paths such as
~/.claude/skills/security-best-practices/SKILL.mdand/path/to/source/.claude/agents/security-specialist.md. These are internal references to other skill files or agent configurations and do not represent unauthorized data access or exfiltration. - [PROMPT_INJECTION]: No prompt injection or behavior override patterns were detected. The instructions reinforce security best practices and safety guidelines (e.g., 'Trust nothing, validate everything').
- [EXTERNAL_DOWNLOADS]: The skill mentions external tools (OWASP ZAP, Burp Suite, Snyk, etc.), but it does not attempt to download or install them automatically.
Audit Metadata