ida-plugin-development
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The helper script
scripts/hcli-package.pyutilizessubprocess.runto invoke thehcli(Hex-Rays Command Line Interface) for plugin linting and installation. This behavior is standard for a developer packaging utility and targets official vendor tooling. - [EXTERNAL_DOWNLOADS]: The documentation links within the skill point to
hex-rays.comand its subdomains. These are official, well-known resources for the IDA Pro ecosystem and are treated as safe sources. - [COMMAND_EXECUTION]: Code snippets include the use of
idc.eval_idc, which is a standard IDA Pro API for executing IDC expressions. This is used for legitimate inter-plugin communication within the controlled environment of the target application.
Audit Metadata