code-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines tools for analyzing code metrics such as cyclomatic complexity and dependency graphs, which are standard developer productivity features.
- [SAFE]: The Node.js execution is confined to the skill's own internal script path (
/job/.pi/skills/code-analyzer/analyzer.js), which is a vendor-owned resource. - [SAFE]: No evidence of prompt injection or attempts to bypass safety filters was found in the instructions.
- [SAFE]: No network-enabled commands or sensitive file path access (e.g., SSH keys, AWS credentials) were detected.
- [SAFE]: The code scanning features described in the documentation are for analyzing user-provided source code for vulnerabilities (like SQL injection) rather than being vulnerabilities within the skill itself.
Audit Metadata