bears-machines
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions and references for managing lab machines (Opentrons, Balance, etc.). No malicious patterns were detected across the analyzed files.
- [COMMAND_EXECUTION]: The skill instructions involve running local Python scripts using the
uvpackage manager (uv run --package balance-edge python edge/balance.py) and calling a domain-specific CLI toolpuda. These are standard operations for the skill's stated purpose of lab automation. - [EXTERNAL_DOWNLOADS]: The documentation mentions using
uv sync --all-packages, which is a standard Python dependency management command. No suspicious remote script execution patterns (e.g.,curl | bash) or downloads from untrusted sources were detected. - [PROMPT_INJECTION]: The skill includes robust instructions (labeled as "Critical Rules") directing the agent to ask the user for clarification rather than making assumptions about machine selection or configuration. This is a security best practice that reduces the risk of unintended actions.
Audit Metadata