skill-vetter
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access attempts were detected.
- [EXTERNAL_DOWNLOADS]: Fetches repository metadata and code files from GitHub's official API and raw content domains for analysis. These are trusted, well-known services.
- [COMMAND_EXECUTION]: Suggests the use of curl and jq for the purpose of retrieving and parsing public repository data.
- [PROMPT_INJECTION]: As a tool designed to process untrusted external data (the skills being vetted), there is an inherent surface for indirect prompt injection. However, the skill provides a manual review protocol to mitigate these risks. • Ingestion points: Reads external data from GitHub URLs. • Boundary markers: Absent. • Capability inventory: curl, jq. • Sanitization: Absent.
Audit Metadata