skills-search
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
ccpmCLI to execute system commands for searching the registry, listing installed components, and retrieving metadata. - [EXTERNAL_DOWNLOADS]: Facilitates the retrieval of external resources from the CCPM registry and the NPM registry, specifically targeting vendor-owned packages like
@daymade/ccpm. - [REMOTE_CODE_EXECUTION]: By design, the skill installs and enables third-party code for use within the agent environment, which is the intended primary purpose of a plugin manager.
Audit Metadata