rstack-start
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: All identified operations are standard administrative tasks for the resolved.sh platform, which is the vendor of the skill.
- [COMMAND_EXECUTION]: The skill includes a preamble that runs shell commands to verify the presence of necessary environment variables (
RESOLVED_SH_API_KEY,RESOLVED_SH_RESOURCE_ID,RESOLVED_SH_SUBDOMAIN). The implementation follows security best practices by only reporting if the key is set or missing, rather than printing the sensitive value itself. - [EXTERNAL_DOWNLOADS]: The skill references documentation and price lists hosted on the vendor's domain (
https://resolved.sh/llms.txt,https://resolved.sh/x402-spec). These are trusted vendor resources used for operational configuration. - [DATA_EXFILTRATION]: The skill describes API interactions involving registration and account updates directed to
https://resolved.sh. These operations are consistent with the skill's stated purpose of managing a user's presence on the platform.
Audit Metadata