security-audit-2
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata specifies the installation of security tools (
jq,trufflehog,semgrep) using official package managers such asapt,brew, andpipx. These are well-known technology tools and organizations, and their installation is considered safe for the intended purpose of the skill. - [COMMAND_EXECUTION]: The skill executes external security scanners (
trufflehog,semgrep) and a local Python script (hostile_audit.py) to analyze codebases. These operations are performed via subprocess calls in bash scripts and are limited to the target directory provided by the user. - [DATA_EXPOSURE]: The skill reads files from the user-specified target directory to perform analysis. It includes an
openclaw-skill.jsonmanifest that explicitly denies access to sensitive system directories such as/etc,/proc, and/root, adhering to the principle of least privilege. - [PROMPT_INJECTION]: The
hostile_audit.pyscript contains a library of regex patterns used to detect prompt injection attempts (e.g., 'ignore all instructions') and exfiltration signals (e.g., 'steal api key') within the repositories being audited. This functionality is defensive and does not pose a threat to the agent running the skill. - [SAFE]: Hardcoded paths in
scripts/security_audit.sh(targeting/home/virta/) appear to be artifacts of the developer's environment and do not constitute a security risk.
Audit Metadata