skill-validator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a static analysis tool designed to lint other skills for adherence to best practices.
- [SAFE]: The included script
scripts/validate_skill.pyperforms file system reads on a user-specified directory but does not execute any of the files it analyzes. - [SAFE]: Security checks within the script (SC001-SC005) are implemented using regular expressions to identify potential risks in other skills without running the code.
- [SAFE]: YAML parsing is performed using
yaml.safe_load()when the PyYAML library is available, and a safe custom parser is used as a fallback, ensuring that malicious YAML configurations cannot trigger code execution. - [SAFE]: No network access, data exfiltration patterns, or persistence mechanisms were found in any of the skill's components.
Audit Metadata