Skills
skills/huangwb8/skills/install-bensz-skills/Gen Agent Trust Hub

install-bensz-skills

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The installation script scripts/install.py utilizes subprocess.run to execute shell commands. This is primarily used for environment verification (git --version) and to perform remote skill acquisition via git clone operations.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to download content from external GitHub repositories. The config.yaml file specifies remote sources including the vendor's own repositories and an official repository from Anthropic. These operations are part of the core functionality for remote skill installation and updates.
  • [SAFE]: The file system operations are restricted to the user's home directory (e.g., ~/.claude/skills and ~/.codex/skills) and are consistent with the stated purpose of managing agent capabilities. No evidence of data exfiltration or unauthorized access to sensitive system files was detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 04:10 PM