antigravity-balance
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The `agquota.js` script executes system commands (`ps` on Unix-like systems and `powershell` on Windows) to discover the running language server process. This is used solely to identify the specific port and CSRF token required to query the local usage API. The process names used in these commands are hardcoded literals, preventing command injection.
- [SAFE]: All network operations are directed to the local loopback address (127.0.0.1). No sensitive data or usage information is transmitted to external domains.
- [SAFE]: The skill relies entirely on built-in Node.js modules (`https`, `child_process`, `util`) and does not install or use any third-party dependencies, minimizing supply chain risks.
- [SAFE]: The script disables certificate validation (`rejectUnauthorized: false`) for its HTTPS requests, which is standard behavior when interacting with local development services using self-signed certificates and does not pose an external security risk.
Audit Metadata