plugin-dev
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is entirely informational, serving as a developer guide for creating and managing Claude Code plugins. No malicious patterns, obfuscation, or safety bypass attempts were detected.
- [NO_CODE]: The skill consists exclusively of Markdown documentation files. It does not ship with any executable scripts (Python, Node.js, Shell), binaries, or package manifests.
- [EXTERNAL_DOWNLOADS]: The documentation references external Git repositories on GitHub and GitLab for plugin distribution. These are presented as standard examples for a legitimate plugin ecosystem and target well-known services.
- [COMMAND_EXECUTION]: The skill provides instructions for using the
claudeCLI tool to validate, install, and list plugins. These commands are part of the intended functionality for the described development environment and do not involve arbitrary or unsafe command execution.
Audit Metadata