pr-review
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to validate other skills for security and structure. It uses a local Python script (validate_skills.py) that relies exclusively on the standard library.
- [DATA_EXFILTRATION]: No network operations or unauthorized data access patterns were detected. The validation script reads local files for secret scanning and structural checks only, without any external transmission.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or dynamic execution of untrusted code (like eval or exec) were found in the skill or its associated scripts.
- [COMMAND_EXECUTION]: The skill executes a local Python script provided within its own directory structure to perform linting and validation tasks. This is a standard and safe practice for tooling skills.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe secret handling practices were found. In fact, the skill specifically includes logic to detect and prevent hardcoded secrets in the code it scans.
Audit Metadata