bash-pro
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and promotes defensive programming best practices. It explicitly warns against dangerous patterns, such as using
evalon untrusted input or performing unsafe globbing, and instead advocates for robust alternatives like strict error modes (set -Eeuo pipefail) and quoting all variable expansions. - [EXTERNAL_DOWNLOADS]: The skill references well-known and reputable open-source tools and frameworks within the shell scripting ecosystem, including ShellCheck, shfmt, bats-core, and shellspec. These tools are standard for linting, formatting, and testing Bash scripts. It also mentions community-supported package managers like
basherandbpkgfor dependency management, which is appropriate for the skill's stated purpose. - [COMMAND_EXECUTION]: While the skill provides instructions for generating scripts that interact with the system, it focuses on doing so securely. It details safe patterns for argument parsing (using
getopts), temporary file management (usingmktempandtrap), and input validation to prevent common shell vulnerabilities.
Audit Metadata