Skills
skills/runwayml/skills/rw-recipe-full-setup/Gen Agent Trust Hub

rw-recipe-full-setup

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access attempts were detected in the skill instructions or metadata.
  • [CREDENTIALS_UNSAFE]: The skill correctly identifies the risk of API key exposure. It instructs users to store sensitive credentials in environment variables and specifically reminds them to update their .gitignore file to prevent accidental credential leakage to version control.
  • [EXTERNAL_DOWNLOADS]: The skill references the installation of official RunwayML SDKs (@runwayml/sdk and runwayml). These are standard, well-known packages associated with the skill's stated purpose and author.
  • [COMMAND_EXECUTION]: The allowed-tools section restricts Bash usage to benign operations such as checking runtime versions (node --version, python3 --version) and standard package installations, which is consistent with the skill's setup instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 01:14 PM