audit-augmentation

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends installing the trailmark package from a standard registry. This is a trusted vendor resource.
  • [COMMAND_EXECUTION]: Uses the trailmark CLI to process data and generate code graph augmentations.
  • [PROMPT_INJECTION]: The skill ingests data from external SARIF and weAudit files.
    • Ingestion points: The augment_sarif and augment_weaudit methods load local JSON files.
    • Boundary markers: None specified.
    • Capability inventory: Ingested findings are used for graph annotations and subgraphs; no arbitrary code execution or network operations are driven by the ingested content.
    • Sanitization: Not explicitly performed on input data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 10:42 PM