agent-tools
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and does not contain any executable scripts, automation logic, or binary files.
- [SAFE]: The content is a legitimate reference for the Claude Code CLI permission model, providing educational examples of how to restrict agent capabilities.
- [COMMAND_EXECUTION]: Describes the configuration syntax for the Bash tool, including examples of prefix-matching patterns used to limit command execution to specific tools like pytest, npm, or git.
- [EXTERNAL_DOWNLOADS]: Documents the WebFetch and WebSearch tools, explaining how to implement domain-level restrictions for network requests to trusted sources like GitHub or official documentation.
- [CREDENTIALS_UNSAFE]: References sensitive user configuration paths such as ~/.zshrc as descriptive examples for demonstrating path-based file access restrictions, but does not expose or attempt to exfiltrate actual credentials.
Audit Metadata