Skills
skills/bluewaves-creations/bluewaves-skills/site-publisher/Gen Agent Trust Hub

site-publisher

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to execute a local Python script (site_api.py) for site management tasks such as publishing, listing, and deleting sites.
  • Evidence: Multiple examples in SKILL.md show the usage of python3 scripts/site_api.py for core functionality.
  • [CREDENTIALS_UNSAFE] (SAFE): Authentication with the Cloudflare-based API is handled through externalized secrets rather than hardcoded keys.
  • Evidence: SKILL.md instructs users to provide an admin_token via environment variables or a local credentials.json file.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill provides a feature to retrieve site files from the remote server for local management.
  • Evidence: The download command documented in SKILL.md allows users to sync remote content from the API to a local ./build directory.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 08:22 AM