skill-security-audit
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a security scanner for other AI agent skills. Its operations are limited to reading local files and identifying potential security risks through regular expression matching.
- [COMMAND_EXECUTION]: The script `audit.py` contains definitions for identifying dangerous command execution patterns (e.g., `os.system`, `eval`, `exec`, `subprocess`) in target files. It does not execute these commands itself; it only identifies them during the audit process.
- [DATA_EXFILTRATION]: While the skill reads local file content to perform its audit, it does not contain any network communication code or external data transmission logic. The `SKILL.md` explicitly includes guardrails to prevent the exposure of secrets discovered during an audit.
- [EXTERNAL_DOWNLOADS]: The skill references the author's official GitHub repository (`github.com/wulaosiji/skills`) and website (`uniqueclub.ai`) for documentation and updates. These are recognized as legitimate vendor resources.
Audit Metadata