start
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill mentions the installation script for the uv tool (https://astral.sh/uv/install.sh). This is provided as a user-manual troubleshooting step and points to a trusted, well-known technology provider.
- [COMMAND_EXECUTION]: Bash is utilized to create project-specific metadata directories (e.g., .claude/) and manage JSON configuration files. All file operations are localized and use jq to process data securely.
- [DATA_EXPOSURE]: There are no attempts to access sensitive system files, hardcoded credentials, or exfiltrate project data to external domains.
- [PROMPT_INJECTION]: The skill employs structured user interaction via AskUserQuestion for configuration, reducing the surface area for malicious prompt injection. No behavioral overrides were found in the metadata or descriptions.
Audit Metadata