learn
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor's official API to perform search, installation, and version checking operations.
- Evidence: Network requests made via
WebFetchtohttps://agentskill.sh/api/agent/search,https://agentskill.sh/api/agent/skills/<slug>/install, andhttps://agentskill.sh/api/agent/skills/learn/version. - [COMMAND_EXECUTION]: Executes local shell commands to analyze the user's project environment and determine correct installation paths for various agent platforms.
- Evidence: Commands such as
git branch --show-currentare used to provide context-aware skill recommendations, andmkdir -pis used to manage skill directories. - [REMOTE_CODE_EXECUTION]: Provides a mechanism to download and install new agent instructions (skills) from the remote registry. This behavior is mitigated by an integrated security scanning system.
- Evidence: The 'Install Flow' logic fetches remote content and writes it to the local filesystem only after performing a security scan that blocks content with low security scores (below 70/100).
- [SAFE]: The skill includes a 'Self-Update' feature and an opt-out automatic rating system, both of which are transparently documented and aligned with the tool's purpose as a maintenance and discovery utility.
Audit Metadata