travel-companion
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and runs the vendor's command-line interface using npx.
- Evidence: npx @aizzie/cli@latest in SKILL.md. This is identified as a vendor-owned resource consistent with the skill's purpose.
- [COMMAND_EXECUTION]: The agent is instructed to execute shell commands to interact with the Aizzie service.
- Evidence: npx @aizzie/cli docs and npx @aizzie/cli --help are used to load functionality and references.
- [SAFE]: No evidence of prompt injection, credential exposure, or unauthorized data access was found. The skill follows best practices by starting with unauthenticated searches and only requesting email for account-based features.
Audit Metadata