setup
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Bash scripts for the agent to execute. These scripts utilize standard system utilities such as
curlfor API requests,jqfor parsing JSON responses, andopen/xdg-opento facilitate user authentication in a web browser. - [EXTERNAL_DOWNLOADS]: The skill performs network requests to
api.deepread.techfor authentication and document processing. These are interactions with the vendor's own infrastructure and are necessary for the skill's stated purpose. - [CREDENTIALS_UNSAFE]: The scripts handle the retrieval and storage of an API key. The key is retrieved via a secure device flow and stored in a local
.envfile. No hardcoded credentials or secrets are present in the skill; example snippets use placeholders likeYOUR_KEYandYOUR_BLUEPRINT_ID.
Audit Metadata