security-audit-quick
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes `Bash` and `Grep` to perform static code analysis. These commands are restricted to scanning local source code in defined directories such as `src/` and `supabase/`. The command patterns are predefined and do not incorporate untrusted external input into executable shell contexts.
- [DATA_EXPOSURE]: The tool is designed to identify sensitive data (PII, credentials, and insecure cookies) to report them to the developer for remediation. It does not attempt to access system-sensitive files like SSH keys or environment files, nor does it possess network capabilities to exfiltrate data.
- [SAFE]: The functionality aligns perfectly with the skill's stated purpose of providing a fast security audit. It uses standard tools for their intended purposes and maintains a clear, non-malicious operational scope.
Audit Metadata