Skills
skills/joaquimscosta/arkhe-claude-plugins/sync-docs/Gen Agent Trust Hub

sync-docs

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses urllib.request in scripts/sync_and_diff.py to download documentation from external URLs (Anthropic's official documentation). This is the core functionality of the skill and targets well-known sources.
  • [COMMAND_EXECUTION]: The Python script scripts/sync_and_diff.py uses subprocess.run() to execute a local bash script (docs/reference/update-claude-docs.sh). This is used to perform the actual file synchronization using system tools like curl.
  • [DATA_EXPOSURE]: The skill reads the contents of .claude/skills/skill-validator/scripts/validate_skill.py to extract hardcoded constants for comparison against the new documentation. This access is scoped to the project's internal validation logic.
  • [PRIVILEGE_ESCALATION]: The TROUBLESHOOTING.md file contains instructions for the user to manually run sudo apt-get install curl and chmod +x on scripts. These are standard administrative suggestions for resolving environment issues and are not executed automatically by the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 10:55 AM