skills/shunsukehayashi/miyabi-claude-plugins/Security Audit and Vulnerability Scanning/Gen Agent Trust Hub
Security Audit and Vulnerability Scanning
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is designed for defensive security purposes, providing a structured approach to auditing codebases for vulnerabilities and misconfigurations.
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard, reputable security tools (
cargo-audit,cargo-deny,cargo-geiger,gitleaks) through the Bash tool. These operations are aligned with the skill's primary objective of security auditing. - [CREDENTIALS_UNSAFE] (SAFE): While the skill mentions various credential patterns (e.g., AWS keys, GitHub tokens), these are provided as examples for the agent to identify and remove from the codebase during an audit, rather than being hardcoded secrets used for unauthorized access.
- [PROMPT_INJECTION] (SAFE): No instructions designed to bypass safety filters or override agent behavior were detected. The use of natural language is instructional and task-oriented.
- [DATA_EXFILTRATION] (SAFE): There are no network-related commands or logic intended to transmit sensitive local data to external domains.
Audit Metadata