last30days-3
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses a robust multi-source retrieval pipeline with clear separation of concerns across its Python modules and vendored Node.js search client.
- [SAFE]: Data processing involves intelligent normalization, deduplication, and LLM-based reranking to ensure high-quality output while avoiding malicious patterns.
- [SAFE]: External dependencies are restricted to well-known registries (PyPI, NPM) and trusted open-source tools like
yt-dlp. - [SAFE]: Credential management is handled securely via environment variables or local browser cookie extraction, with explicit user consent prompts and no persistence of secrets to disk.
- [SAFE]: Command execution is limited to specific research tasks (e.g.,
yt-dlpfor transcripts ornodefor the internal search client) and does not involve arbitrary or unsanitized shell execution.
Audit Metadata