command-development
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely composed of documentation and example Markdown files. No executable scripts, binaries, or active code are included in the skill package.
- [SAFE]: The documentation provides explicit guidance on security best practices, including instructions on how to use the
allowed-toolsfrontmatter field to restrict a command's access to only the necessary tools (least privilege). - [SAFE]: The skill includes multiple 'Validation Patterns' that teach developers how to verify command arguments and check for the existence of files before processing them, which helps prevent accidental or malicious misuse.
- [SAFE]: No obfuscation, data exfiltration, or persistence mechanisms were detected. References to external tools (like the GitHub CLI, NPM, and Node.js) are used neutrally within an educational context and target well-known, trusted services.
Audit Metadata