bundle-maker
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes several utility Bash scripts (e.g., 'create-bundle.sh', 'add-skill-to-bundle.sh', 'add-mcp-to-bundle.sh') that perform local file system operations. These scripts use standard Unix tools like 'mkdir', 'sed', and 'jq' to generate and modify bundle files. These operations are restricted to the local workspace and are used for development automation.
- [SAFE]: No prompt injection, unauthorized data exposure, or malicious network activity was detected. The skill instructions specifically guide the user to avoid hardcoding secrets and instead use environment variable interpolation for MCP server authentication tokens.
Audit Metadata