learn-agentfactory
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses Python's standard library exclusively, avoiding the risks associated with unverified or malicious third-party packages.
- [SAFE]: Authentication credentials are managed securely in ~/.agentfactory/credentials.json with restricted access permissions (chmod 600), preventing other users on the system from accessing sensitive tokens.
- [SAFE]: External network calls are strictly limited to the author's verified infrastructure (panaversity.org) for retrieving lesson content and managing OAuth2 authentication flows.
- [SAFE]: Subprocess calls are limited to executing internal skill scripts (auth.py) using the verified local Python interpreter path.
- [SAFE]: Prompt instructions in the reference files are focused on teaching methodology and do not contain patterns indicative of prompt injection or safety bypass attempts.
- [SAFE]: The skill provides a clear session management and state persistence model using a dedicated directory in the user's home folder, which is standard for personalized CLI tools.
Audit Metadata