001-skills
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill mentions the installation of the
openspecpackage via the official npm registry and references a JBang scriptpuml-to-png@jabrenafor automated diagram generation. Both are well-known or vendor-owned developer tools. - [COMMAND_EXECUTION]: The generated documentation references standard project scripts for Java profiling and performance testing (e.g.,
run-with-profiler.sh,java-profile.sh,mvnw). These scripts are intended for local execution by the developer as part of a performance analysis workflow. - [DATA_EXFILTRATION]: The skill describes functionality for fetching issue metadata from GitHub and Jira using their respective official CLI tools (
ghandjira). These operations are scoped to project management tasks and require existing user authentication.
Audit Metadata