skill-vetter
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Includes template bash commands using
curlandjqto interact with the GitHub API. These commands are used to retrieve repository statistics and list file contents for the purpose of security auditing. - [EXTERNAL_DOWNLOADS]: Fetches metadata and skill configuration files from official GitHub domains (
api.github.comandraw.githubusercontent.com). These are well-known services and the retrieval is limited to data for analysis. - [PROMPT_INJECTION]: The skill is intended to process untrusted data from external repositories as part of its vetting protocol. This represents an indirect prompt injection surface; however, the skill provides a structured framework for evaluation and reporting to help the agent maintain a critical security posture.
Audit Metadata