skill-manager
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses subprocess commands and dynamic execution to manage its components and interact with the system environment. File
scripts/git_ops.pyexecutesgitcommands to track changes in skill directories. Filescripts/install.pyexecutesgit cloneandgit sparse-checkoutto download skills from remote repositories. Filescripts/skillsutilizesexec()to load utility functions and runs Python code snippets viasubprocess.runto handle search and installation logic. - [EXTERNAL_DOWNLOADS]: The skill fetches data and code from remote sources to perform its management tasks. File
scripts/install.pydownloads repository archives and clones Git repositories from GitHub. Filescripts/profile.pycommunicates with the GitHub Gist API to handle profile exports and imports. - [REMOTE_CODE_EXECUTION]: The core functionality involves installing and enabling third-party AI skills which contain executable instructions or scripts. File
scripts/install.pyfacilitates downloadingSKILL.mdfiles and associated scripts from user-provided GitHub URLs, which are then integrated into the active agent environment. - [DATA_EXFILTRATION]: The skill can aggregate and send configuration metadata to external services for synchronization. File
scripts/profile.pycan export a list of installed skill names and their sources to a GitHub Gist if a user provides aGITHUB_TOKENenvironment variable.
Audit Metadata