bensz-collect-bugs

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the gh CLI tool and various version-check commands (e.g., python3 --version, git --version, node --version) using subprocess.run to collect environment metadata. These commands are passed as argument lists with fixed arguments, which is a safe practice that prevents shell injection.
  • [DATA_EXFILTRATION]: Bug reports and environment snapshots are uploaded to the huangwb8/bensz-bugs repository on GitHub via gh api. This is a documented feature, and the skill includes comprehensive sanitization logic in scripts/common.py that redacts secrets (e.g., values prefixed sk- or ghp_), email addresses, identity numbers, and private directory paths (/Users/, /home/) from all submitted text.
  • [EXTERNAL_DOWNLOADS]: The script requires the installation of the pyyaml Python package to process the config.yaml file. This is a standard and verifiable dependency.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 04:10 PM