inpoxia-tools
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes local repository commands such as
pytest,pyright, andruff. These are standard development tools and are used here within their intended context for local validation. - EXTERNAL_DOWNLOADS (SAFE): The skill references
uv syncfor dependency management. This is a standard operation for theuvpackage manager to ensure the local development environment matches the project requirements. - CREDENTIALS_UNSAFE (SAFE): The documentation mentions token handling (e.g.,
INPOXIA_TOKEN) but does not include any hardcoded secrets or instructions to exfiltrate them. It follows standard practices for environment-variable-based authentication. - DATA_EXFILTRATION (SAFE): No network exfiltration patterns or unauthorized data access commands were detected.
Audit Metadata