skill-manager
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to manage agent skills by reading and writing files within specific project directories like .skills/ and .claude/. These actions are restricted to local paths and align with the skill's primary purpose.
- [EXTERNAL_DOWNLOADS]: The skill references a repository from Vercel Labs for external agent skills. Vercel is a well-known service and trusted organization, making this reference safe.
- [PROMPT_INJECTION]: The logic for generating and validating skills includes a health check (MODE 4) that enforces strict formatting and content guidelines, which serves as a safeguard against the creation of non-compliant or hazardous instructions.
- [DATA_EXFILTRATION]: No instructions for network connectivity or external data transmission were detected. The analysis of project metadata (CI/CD, Docker, API routes) is used solely for local gap analysis.
Audit Metadata