sglang-skill
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes a shell script (update-sglang.sh) that clones the SGLang repository from its official GitHub repository. This download targets a well-known project and is used for development purposes.
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as 'rg' (ripgrep) to search the codebase and 'python -m sglang.launch_server' to run the engine. These commands are standard for the skill's stated purpose of developing and debugging SGLang.
- [DATA_EXPOSURE]: The skill defines local paths within the agent's environment (e.g., ~/.cursor/skills/sglang-skill/repos/sglang/) to read and analyze the SGLang source code. This is limited to the repository data and does not involve accessing sensitive system files.
Audit Metadata