plugin-creator
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of documentation, usage examples, and code templates for developing plugins within the OpenCode ecosystem. No actual code is shipped with the skill itself.- [EXTERNAL_DOWNLOADS]: The documentation references external plugin loading via npm packages (e.g., 'opencode-helicone-session', 'opencode-wakatime'). These references are descriptive of standard platform functionality and do not constitute a security risk within the skill's own implementation.- [CREDENTIALS_UNSAFE]: The file '.skill.config' includes placeholders for sensitive information like 'GITHUB_TOKEN' as examples for user configuration. No real credentials or secrets are exposed.
Audit Metadata