skill-forge-publish
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and template provider for developers to share their own skills. It does not contain any executable malicious payloads.
- [COMMAND_EXECUTION]: The skill includes a template for an
install.shscript designed to copy files into the standard Claude Code directories (~/.claude/skillsand~/.claude/agents). The script uses safe practices such asset -euo pipefailand does not require administrative privileges (sudo). - [CREDENTIALS_UNSAFE]: The skill explicitly instructs users to avoid including secrets or API keys in their distributions and provides a
.gitignoretemplate that excludes.envfiles.
Audit Metadata