Skills
skills/thibautbaissac/rails_ai_agents/security-audit/Gen Agent Trust Hub

security-audit

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local security binaries including bin/brakeman, bin/bundler-audit, and rspec to perform vulnerability scans and policy verification.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted project source code and security scanner outputs which represents an indirect injection surface.
  • Ingestion points: Source files within app/ and config/ directories (Controllers, Models, Views, etc.) and tool output from Brakeman and Bundler Audit.
  • Boundary markers: Absent; the skill does not use delimiters to isolate untrusted code from auditing instructions.
  • Capability inventory: Execution of local shell commands via the agent's shell environment.
  • Sanitization: The skill does not implement sanitization for the code content it evaluates.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 10:19 PM