plugin-best-practices
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of documentation and guidance for plugin developers. No executable code or malicious scripts were found in the provided files.
- [SAFE]: The documentation emphasizes security best practices, including the Principle of Least Privilege for tool selection and the protection of sensitive files like .env and secrets.
- [SAFE]: External references and suggested package installations (e.g., pyright, typescript-language-server) target well-known and reputable software providers or official documentation.
- [SAFE]: Information regarding dynamic context injection refers to documented platform features intended for legitimate developer use-cases and provides benign examples.
Audit Metadata