code-quality-gate

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to perform 'Gate' checks by running project-defined scripts such as npm run test and npm run build.
      • Ingestion points: The skill is activated on 'code changes', 'PR reviews', and 'deployment requests' (SKILL.md).
      • Boundary markers: Absent. There are no instructions to verify the safety of the scripts before execution.
      • Capability inventory: Full shell execution via npm run within the agent's environment or CI runner (SKILL.md).
      • Sanitization: Absent. The agent executes whatever is defined in the repository's configuration file.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill recommends the installation of third-party Node.js packages (husky, lint-staged). While these are standard tools, they represent an external dependency chain.
      • Evidence: npm install -D husky lint-staged (SKILL.md).
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 02:19 AM