runtime-behavior-probe
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- Dynamic Code Execution: The skill is designed to generate and execute temporary TypeScript scripts to verify runtime behavior. It uses standard tools like
tsxandtscwithin temporary directories, which is an expected pattern for diagnostic and investigative workflows. - Environment Variable Handling: The skill includes instructions to read environment variables such as
OPENAI_API_KEYfor live probes. To mitigate risks, it mandates explicit user approval for each variable and strictly forbids printing secret values to the logs or output. - System Information Gathering: Diagnostic scripts generated by the skill may collect environmental context, such as Node.js versions, Git commit hashes, and package versions. This information is used to provide accurate reports on the runtime environment being tested.
- Safe Import Patterns: The skill provides specific guidance on importing local repository code using file URLs, ensuring that probes interact correctly with the intended source code without relying on potentially untrusted global packages.
Audit Metadata