Skills
skills/psquared-development/psquared-skills/fix-demos/Gen Agent Trust Hub

fix-demos

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl commands to interact with the vendor's GraphQL CRM (crm.psquared.dev) and the OpenBrand API (openbrand.sh) for data retrieval and status updates.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to fetch company website content for the purpose of re-scraping and extracting brand colors. These operations are core to the skill's primary function of fixing demo content.
  • [DATA_EXFILTRATION]: While the skill reads environment tokens (PSQUARED_CRM_TOKEN, NUXT_MCP_DEMO_TOKEN, OPENBRAND_API_KEY), these are used exclusively to authenticate with the vendor's own APIs (psquared.dev, openbrand.sh) as part of the intended workflow. No sensitive data is sent to unauthorized third-party domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 01:03 PM