yaml-validator

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [External Downloads] (LOW): The skill recommends installing 'yamllint' via pip. This involves downloading and installing third-party code from the PyPI registry.
  • [Command Execution] (SAFE): Uses standard shell utilities like 'sed', 'find', and 'xargs' to automate YAML fixes. These actions are transparent and strictly limited to the skill's stated purpose of fixing syntax errors.
  • [Indirect Prompt Injection] (SAFE): [1] Ingestion points: Reads project .yml and .yaml files. [2] Boundary markers: Not used, as the skill performs programmatic linting. [3] Capability inventory: Includes shell command execution (sed) and package installation (pip). [4] Sanitization: Employs 'yaml.safe_load()' in its Python implementations, which is the industry standard for preventing YAML-based deserialization attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 09:22 AM