anthropic-sdk
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALNO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or threat vectors detected. The analyzed file is a standard metadata descriptor (metadata.json) containing informational fields only.
- [EXTERNAL_DOWNLOADS] (SAFE): References to GitHub and documentation point to trusted, official Anthropic domains (github.com/anthropics and docs.anthropic.com). Per [TRUST-SCOPE-RULE], these are categorized as safe.
- [NO_CODE] (SAFE): The skill submission contains no executable scripts, logic, or instruction bodies, which eliminates common attack surfaces like command execution or obfuscation.
- [FALSE_POSITIVE] (SAFE): The automated scanner alert regarding 'logger.info' as a malicious URL is identified as a false positive; 'logger.info' is a standard programming method for logging and does not appear in the provided metadata.json file.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata