protobuf
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill utilizes the Buf Schema Registry (BSR) at
buf.buildfor managing dependencies (e.g.,buf.build/bufbuild/protovalidate) and executing remote code generation plugins. These are trusted, industry-standard sources for Protocol Buffer development. - [COMMAND_EXECUTION] (SAFE): The skill instructions guide the agent to use standard development tools such as the
bufandprotocCLIs for formatting, linting, and breaking change detection. These operations are restricted to the local workspace and official registries. - [REMOTE_CODE_EXECUTION] (SAFE): Remote plugins on
buf.buildare used for code generation. While this involves executing code on a remote server, it is the standard and intended functionality of the Buf toolchain to ensure consistent generation across environments. - [DATA_EXFILTRATION] (SAFE): Documentation includes commands like
buf pushfor publishing schemas to a private or public registry. This is a standard feature for schema management and does not involve unauthorized data movement.
Audit Metadata