create-threat-model
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for security analysis and correctly focuses on identifying trust boundaries and attack surfaces within a codebase. It uses localized file reading and writing consistent with its primary purpose.
- [SAFE]: No obfuscation, hardcoded credentials, or persistence mechanisms were detected. The skill does not perform any network operations to external domains.
- [SAFE]: While the skill processes untrusted data (the codebase being analyzed), which is a common surface for indirect prompt injection, it follows a structured and descriptive methodology. The potential for such an attack is inherent to the tool's core functionality of analyzing external code and does not indicate malicious intent in the skill itself.
Audit Metadata