oracle
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@steipete/oraclepackage from the NPM registry via its metadata configuration. - [DATA_EXFILTRATION]: The tool's core function involves sending local code context to external AI providers; however, the skill provides explicit instructions on using
.gitignoreand manual exclusions to prevent the exposure of secrets and sensitive files. - [COMMAND_EXECUTION]: The documentation includes various command-line examples for running the tool locally and setting up a remote browser host.
- [SAFE]: The analysis detected no instances of prompt injection, code obfuscation, persistence mechanisms, or unauthorized privilege escalation.
Audit Metadata