opik-integrations-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill analyzes repository source code, creating a potential surface for indirect prompt injection. However, the risk is mitigated as the workflow is strictly analytical and lacks code execution capabilities.
  - Ingestion points: Local source files in sdks/ and apps/ directories.
  - Boundary markers: Absent.
  - Capability inventory: Read-only search and analysis.
  - Sanitization: Absent.
- [Command Execution] (SAFE): The suggested bash commands use ripgrep (rg) for searching the codebase. These are standard, read-only utilities for the intended auditing purpose and do not involve privilege escalation.
- [Data Exposure] (SAFE): The skill targets repository-specific paths for analysis and does not attempt to access sensitive system files, environment variables, or private credentials.
Audit Metadata