paw-mkt-setup
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill implements an anti-zombie pattern that removes stale configuration entries for the module before writing fresh data, preventing the persistence of redundant or outdated settings.
- [SAFE]: The provided Python scripts use yaml.safe_load() for processing YAML files, which is a secure method that prevents arbitrary code execution during data deserialization.
- [COMMAND_EXECUTION]: The skill executes standard filesystem commands like mkdir, mv, and rmdir to establish the module directory structure and migrate legacy brand and report data. These operations are scoped to the project root and are necessary for the skill's setup functionality.
- [SAFE]: The skill isolates user-specific data, such as usernames and language preferences, into a dedicated config.user.yaml file. This practice ensures that personal information is separated from the shared project configuration, which is a recommended approach for protecting PII and managing environment-specific settings.
Audit Metadata