Skills
skills/awp-worknet/kya-skill/kya/Gen Agent Trust Hub

kya

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads its core binary and installation scripts from the author's official GitHub repository.
  • Evidence: The install.sh script fetches kya-agent release assets from https://github.com/awp-worknet/kya-skill/releases/latest/download/.
  • Evidence: The bootstrap.sh and smoke_test.sh scripts download the installation script from https://raw.githubusercontent.com/awp-worknet/kya-skill/main/install.sh.
  • [COMMAND_EXECUTION]: The skill performs shell-based operations to execute the downloaded binary and other local tools.
  • Evidence: src/cmd/open.rs implements a command dispatcher that re-invokes the kya-agent binary using std::process::Command to handle kya-sign:// magic links.
  • Evidence: src/wallet.rs executes the awp-wallet CLI for cryptographic signing operations.
  • Evidence: src/cmd/sign.rs utilizes platform-specific utilities like pbpaste, xclip, or powershell to read content from the system clipboard.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:36 AM