skill-review-audit
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a utility script
scripts/scan_skill.shthat uses standard POSIX tools (find,du,grep,sed) to inventory and analyze a target directory. The script is explicitly designed for read-only heuristic scanning. - [DATA_EXPOSURE]: The scanner script includes patterns to detect sensitive information such as
API_KEYandTOKEN. To prevent accidental data exfiltration into the agent's context or chat logs, the script is configured to print only the filenames of matches (--files-with-matches) rather than the sensitive content itself. - [EXTERNAL_DOWNLOADS]: The documentation references the use of
openskills, a Node.js utility, to manage skill installations from GitHub repositories. These references are part of the standard installation workflow for the vendor's ecosystem. - [PROMPT_INJECTION]: While the skill processes external data (other skills being audited), it includes a 'Red Flags' section and a 'Non-Mutating Constraint' to ensure the agent maintains analytical distance and does not execute untrusted instructions found during an audit.
Audit Metadata