security-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill utilizes common command-line utilities such as
git,grep,pnpm audit, andpip-auditto perform its primary function of security reviewing. These commands are restricted to local analysis of the codebase and do not involve remote execution or privilege escalation. - [Data Exposure & Exfiltration] (SAFE): While the skill searches for hardcoded secrets and sensitive file paths using
grep, it does so to alert the developer of security risks. There are no network operations or external data transmissions detected. - [Indirect Prompt Injection] (LOW): The skill processes untrusted code from a repository. An attacker could theoretically embed malicious instructions within the code comments or strings to deceive the security reviewer.
- Ingestion points:
git diff,grep -rE, and general file reading of the source directory. - Boundary markers: None explicitly defined to separate code data from instructions.
- Capability inventory: Execution of shell commands (
git,grep,pnpm,pip-audit). - Sanitization: No sanitization of the input code before analysis is mentioned.
Audit Metadata