plugin-validator
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for static analysis of local plugin directories and does not perform network operations, access sensitive system files, or include obfuscated code.
- [COMMAND_EXECUTION]: The skill uses local commands such as
jqandshellcheckvia subprocess calls to validate file integrity and identify shell script errors. These operations are performed on user-specified local paths and are consistent with the skill's primary purpose. - [REMOTE_CODE_EXECUTION]: No remote code execution or untrusted downloads were detected. The Python scripts and Bash snippets operate exclusively on local data provided within the plugin development context.
- [PROMPT_INJECTION]: No override patterns, safety bypasses, or system prompt extraction attempts were found.
Audit Metadata