Skills
skills/tbsten/mir/getting-started/Gen Agent Trust Hub

getting-started

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install the @tbsten/mir package from the npm registry using npm i -g or npx. This package is a vendor-owned resource corresponding to the skill author.
  • [COMMAND_EXECUTION]: Provides a series of CLI commands for the mir tool, including init, search, install, and publish. These are standard operations for the tool's intended purpose of snippet management.
  • [CREDENTIALS_UNSAFE]: Mentions mir login via GitHub OAuth for publishing to remote registries. This is a standard authentication flow for the tool's service and does not involve hardcoded secrets or unsafe credential handling within the skill itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 07:46 PM