review-a-skill
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill invokes
npxto execute theai-agent-skillstool. This is a standard method for running Node.js-based CLI packages from well-known registries like NPM and is necessary for the skill's management functionality. - [COMMAND_EXECUTION]: Multiple shell commands (
preview,info,validate,curate) are used to interact with skill files and the catalog. These operations are required for the intended purpose of assessing and organizing skills within a library. - [SAFE]: No suspicious patterns, such as prompt injection, hardcoded credentials, or data exfiltration, were identified. The instructions prioritize security by including steps to check for injection patterns in the skills being reviewed.
Audit Metadata