Skills
skills/baggiponte/skills/spark-context-curator/Gen Agent Trust Hub

spark-context-curator

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a shell script scripts/run-spark-curator.sh that executes the codex exec command. The script correctly uses bash arrays and variable quoting to prevent command injection vulnerabilities.
  • [SAFE]: The execution environment is strictly limited by the --sandbox read-only and --ephemeral flags, ensuring that the AI agent cannot modify the local filesystem or persist changes.
  • [SAFE]: The skill relies on standard, local-only search utilities such as rg (ripgrep), find, and git, which do not involve external network calls or untrusted data execution.
  • [SAFE]: The system prompt explicitly instructs the agent to avoid write operations and git mutations, providing an additional layer of behavioral control.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 12:47 PM