flow
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a development and orchestration tool that operates according to its stated purpose. It manages local skill components and generates workflow scripts without exhibiting malicious patterns like unauthorized data access, hidden backdoors, or obfuscation.
- [EXTERNAL_DOWNLOADS]: Dependencies specified in the requirements are standard, well-maintained libraries for natural language processing, web interfaces, and security analysis, such as Streamlit, Spacy, Bandit, and Safety.
- [PROMPT_INJECTION]: The skill parses user-provided natural language to structure workflow logic. While this presents an ingestion point for indirect instructions, the orchestrator includes a security scanner to evaluate all components before composition and currently generates code stubs rather than executing user-defined logic in a privileged environment.
- [COMMAND_EXECUTION]: The orchestrator includes logic to detect dangerous command execution in other files but does not execute arbitrary system commands itself. File system operations are restricted to registry management and script generation in a designated output directory.
Audit Metadata