agent-o-rama
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION] (SAFE): The skill reads from local interaction logs (`interactions.duckdb`) and writes to local result tables or JSON files. No network exfiltration or access to sensitive system paths (e.g., SSH keys, env files) was identified.
- [COMMAND_EXECUTION] (SAFE): Workflow automation is performed via the `just` command runner. The provided commands (`agent-train`, `agent-discover`, etc.) are standard task wrappers for the skill's internal logic and do not involve shell injection or elevated privileges.
- [REMOTE_CODE_EXECUTION] (SAFE): Python snippets utilize structured library imports (`agent_o_rama`, `bisimulation_game`). There is no evidence of dynamic code execution (e.g., `eval`, `exec`) or fetching scripts from remote untrusted URLs.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references a common, trusted embedding model (`all-MiniLM-L6-v2`) frequently used in NLP tasks. No other external dependencies or unverifiable packages are requested.