secret-scanner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override agent behavior or bypass safety filters were detected. The skill uses natural instructional language to define its activation triggers.
- [Data Exposure & Exfiltration] (SAFE): The skill's primary purpose is to identify and protect sensitive data. While it lists patterns for credentials, it does so to alert the user. No network tools or external data transfer mechanisms were found.
- [Command Execution] (SAFE): The documentation mentions git integration (e.g., git commit) and emergency remediation commands (e.g., git filter-branch). These are presented as guidance for the user or descriptions of intended logic. The allowed-tools are strictly limited to Read and Grep, preventing arbitrary command execution.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted code files (Ingestion points: local filesystem via Read/Grep). While it lacks explicit boundary markers for scanned content, its limited capability inventory (no network, no write access) mitigates the risk of a malicious file influencing the agent's behavior beyond the scanning context.
Audit Metadata