Skills
skills/trailofbits/skills/trailmark-summary/Gen Agent Trust Hub

trailmark-summary

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the trailmark and find utilities via the shell to perform structural analysis on a target directory.
  • Evidence: find {args} -type f ... and trailmark analyze --summary {language_flag} {args} in the Execution section.
  • Note: This is standard functionality for a command-line wrapper skill. While {args} is interpolated into the shell command, the skill's purpose is to analyze user-specified local directories.
  • [SAFE]: The skill implements strict environment constraints by explicitly forbidding the agent from performing automated installations.
  • Evidence: "Do NOT run pip install, uv pip install, git clone, or any install command. The user must install trailmark themselves."
  • This prevents the agent from introducing unauthorized or unverified external software into the host environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:42 PM