product
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official GitHub CLI tool (
gh api) to retrieve public repository statistics such as star counts and fork counts. This operation targets a well-known service for public data. - [SAFE]: Local file access is restricted to reading standard project metadata files (e.g., package.json, README.md) to provide context-aware suggestions during the interview process.
- [SAFE]: The skill employs a human-in-the-loop pattern, using the
AskUserQuestiontool to present all gathered information and suggestions to the user for approval before writing to the file system. - [SAFE]: The provided validation script (
scripts/validate.sh) is a benign utility that checks for the existence and basic formatting of the skill files using standard shell commands.
Audit Metadata