security-review
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a structured methodology for performing security reviews and audits. It correctly identifies standard tools and frameworks (STRIDE, OWASP, CVSS) and includes mandatory ethical constraints such as requiring written authorization.
- [COMMAND_EXECUTION]: The skill instructs the agent to run various security scanning tools (e.g., semgrep, trivy, npm audit). These are appropriate for the skill's primary purpose of security auditing and are well-known security utilities.
- [EXTERNAL_DOWNLOADS]: Mentions standard security tools and package auditors (trivy, semgrep, pip-audit, etc.). These are well-known tools, and their use within a security auditing skill is expected and safe.
- [PROMPT_INJECTION]: Indirect injection risk surface noted, since the skill processes external codebases.
  - Ingestion points: The skill processes user-provided code and configuration from startup-context (SKILL.md).
  - Boundary markers: No specific boundary markers or "ignore instructions" delimiters are defined for processing external code.
  - Capability inventory: The agent can execute several CLI scanning tools and generate detailed reports.
  - Sanitization: No explicit sanitization of input data is mentioned, though the methodology relies on specific automated tools that typically treat input as data rather than instructions.
Audit Metadata