building-commands
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to execute a Python validation script (validate-command.py) that audits user-defined command files for security vulnerabilities and schema compliance. - [SAFE]: No security issues or malicious patterns were identified. The skill acts as a defensive utility, implementing proactive checks to prevent common security pitfalls (e.g.,
eval,rm -rf /, and remote code execution via piped commands) in the slash commands it processes. It follows best practices by usingyaml.safe_load()for secure configuration parsing.
Audit Metadata