review-security
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation and YAML metadata. It does not contain any executable scripts (Python, JavaScript, shell), binaries, or configuration files that trigger command execution.
- [SAFE]: The instructions are aligned with standard security auditing practices (OWASP Top 10) and do not contain patterns suggesting prompt injection, behavior overrides, or attempts to bypass safety filters.
- [SAFE]: No hardcoded credentials, sensitive file paths, or network operations were found. There is no mechanism within the skill to exfiltrate data.
- [SAFE]: While the skill's purpose is to process untrusted code (representing an indirect prompt injection surface), the skill lacks any capabilities—such as file writing, subprocess spawning, or network requests—that could be exploited if malicious instructions were encountered in the analyzed code.
Audit Metadata