generic-static-code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill suggests running
npx serve .to test sites locally. This command downloads and executes the 'serve' package from the npm registry. Because 'serve' is maintained by Vercel (a trusted organization), the risk is categorized as LOW. - SAFE (SAFE): Analysis of the instructions and code examples found no evidence of prompt injection, data exfiltration, or obfuscation.
- COMMAND_EXECUTION (SAFE): The skill contains commands for starting local servers (python http.server), which are standard developer tools and pose no security threat in this context.
Audit Metadata