Skills
skills/mvanhorn/cli-printing-press/printing-press-publish/Gen Agent Trust Hub

printing-press-publish

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to automate a multi-step publishing workflow. This involves shell operations for directory management, file cleanup, and the orchestration of command-line utilities like jq for JSON processing, git for version control, and gh for GitHub interactions.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the target repository from github.com/mvanhorn/printing-press-library. It also recommends the installation of the printing-press binary from the author's official repository at github.com/mvanhorn/cli-printing-press.
  • [REMOTE_CODE_EXECUTION]: The skill executes specific Go tools within the cloned repository (./tools/generate-skills/main.go) to synchronize project metadata. It also dynamically runs the govulncheck utility from golang.org to ensure the published code does not contain known vulnerabilities.
  • [DATA_EXFILTRATION]: The skill's intended purpose is the public distribution of code to GitHub. To mitigate the risk of accidental data exposure, the skill implements a mandatory multi-tier security scan that checks for hardcoded credentials (using tools like gitleaks or trufflehog) and scrubs PII from manuscript files and README documentation prior to the commit and push operations.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 06:03 PM