skill-review
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for auditing purposes and contains no executable code or dangerous command patterns. It follows best practices by explicitly forbidding the use of shell tools like curl or wget for network operations.
- [EXTERNAL_DOWNLOADS]: The skill identifies and verifies URLs within audited files using the WebFetch tool. This is a core functionality intended to ensure the quality and reliability of external references in skill documentation.
- [PROMPT_INJECTION]: As a tool that processes untrusted text from other skill directories, it has an inherent indirect prompt injection surface. However, the skill treats this data as input for validation checks rather than instructions for immediate execution, mitigating the risk of state or logic manipulation.
Audit Metadata