Skills
skills/cristoslc/swain/swain-init/Gen Agent Trust Hub

swain-init

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the installation script for the uv tool from Astral's official domain (astral.sh).\n- [REMOTE_CODE_EXECUTION]: Executes the uv installer by piping the remote script directly into the shell (curl ... | sh).\n- [COMMAND_EXECUTION]: Installs the pre-commit framework using uv tool install and configures local git hooks via pre-commit install to automate security checks.\n- [EXTERNAL_DOWNLOADS]: Sets up .pre-commit-config.yaml to reference and download security scanning hooks (including gitleaks and trufflehog) from their respective GitHub repositories.\n- [COMMAND_EXECUTION]: Uses npx to add and install the obra/superpowers skill and executes a vendored script named tk found within the project structure.\n- [COMMAND_EXECUTION]: Programmatically invokes other local skills (swain-doctor, swain-help) to verify project health and provide user onboarding.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 05:18 PM