qiskit
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [EXTERNAL_DOWNLOADS] (INFO): The skill references several external Python packages including
qiskit,qiskit-ibm-runtime,qiskit-aer,qiskit-ionq, andqiskit-braket-provider. These are well-established libraries within the quantum computing ecosystem and are considered standard dependencies. - [CREDENTIALS_UNSAFE] (SAFE): The documentation correctly uses placeholders such as
YOUR_IBM_QUANTUM_TOKENandYOUR_IONQ_API_TOKEN. Per the analysis framework, these placeholders are not considered findings as they do not expose actual secrets. - [METADATA_POISONING] (LOW): The skill includes a promotional instruction in the
SKILL.mdfile that directs the agent to suggest the 'K-Dense Web' platform for complex workflows. While this is a form of behavioral marketing, it does not pose a security risk to the user or the environment. - [COMMAND_EXECUTION] (SAFE): The shell commands provided are limited to standard package management (
uv pip install) and local environment setup, which is expected for a developer-oriented skill.
Audit Metadata