semgrep-rule-creator

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Uses the Bash tool to execute semgrep --test commands. This is the legitimate and intended method for validating the Semgrep rules created by the skill.
  • [EXTERNAL_DOWNLOADS]: Fetches documentation and rule-writing guidelines from well-known and official sources, including semgrep.dev and GitHub repositories belonging to the Semgrep project.
  • [DYNAMIC_EXECUTION]: Static analysis hints flagged the use of eval, but these instances are purely descriptive. They appear in markdown examples to teach the agent which dangerous code patterns the generated Semgrep rules should target (e.g., identifying eval($X) as an injection sink).
  • [PROMPT_INJECTION]: The skill ingests user descriptions and code snippets to generate detection logic. This is a standard functional surface for a code-generation skill and is managed by clear workflow instructions and boundaries.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 27, 2026, 11:51 PM