Skills
skills/activitysmithhq/activitysmith-cli/activitysmith/Gen Agent Trust Hub

activitysmith

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on several shell scripts to interact with the system and the service. These scripts execute the activitysmith command-line interface to send data to the vendor's API.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and error handling in scripts/common.sh direct the user to install the activitysmith-cli package via NPM. This is a legitimate vendor tool required for the skill to function.
  • [DATA_EXFILTRATION]: While the skill transmits data (notification messages, titles, and URLs) to an external service, this is the primary intended purpose of the skill and is performed using a vendor-provided CLI tool.
  • [SAFE]: All external resources, including the CLI tool and the service itself, originate from the verified vendor 'activitysmithhq'. The shell scripts use proper quoting to handle user-provided arguments safely.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 11:32 PM