cmd-skills-dashboard
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior matches its description. It automates the collection of public data from a specific API to provide insights into skill distribution.
- [EXTERNAL_DOWNLOADS]: Communicates with the public skills.sh API to retrieve skill metadata (names, install counts, owners). This is the intended target of the skill.
- [COMMAND_EXECUTION]: Runs a provided Python script to perform data aggregation and HTML generation. The script uses standard libraries and manages a local cache in the user's home directory (e.g., ~/.cache/skills-dashboard).
- [DATA_EXFILTRATION]: No evidence of unauthorized data access or transmission. The script only reads its own cache and writes the generated dashboard output to a local file.
Audit Metadata