zig-build-system
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- SAFE (SAFE): The skill contains standard documentation and code snippets for managing Zig projects. No malicious instructions, obfuscation, or exfiltration patterns were detected. The provided shell commands (e.g.,
zig init,zig build) are standard development workflows. - EXTERNAL_DOWNLOADS (LOW): Examples in the
build.zig.zonsection reference external dependencies hosted on GitHub (e.g.,zig-clap). While these involve downloading remote archives, they represent standard Zig package management practices and target a well-known, trusted domain. - COMMAND_EXECUTION (LOW): The skill demonstrates the use of
addSystemCommandwithin the Zig build script. This is a legitimate feature of the Zig build system used for automating development tasks such as running a Python script for code generation.
Audit Metadata