Skills
skills/codealive-ai/agents-reflection-skills/plugins-management/Gen Agent Trust Hub

plugins-management

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill performs legitimate file system operations to scaffold projects and uses standard developer tools for its intended purpose.
  • [COMMAND_EXECUTION]: The script prepare_submission.py executes git and gh (GitHub CLI) commands via subprocess.run to retrieve repository metadata such as the current commit SHA and remote URL. These operations use structured argument lists to prevent shell injection and are consistent with the skill's stated purpose.
  • [DATA_EXFILTRATION]: The skill gathers project metadata and repository information to assist the user in filling out an official submission form. This process is transparent, requires manual execution by the user, and does not involve any unauthorized or hidden data transmission.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 07:15 AM