Skills
skills/toddlevy/tl-agent-skills/tl-complexity-assessment/Gen Agent Trust Hub

tl-complexity-assessment

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides Bash and PowerShell scripts (complexity-scan.sh, complexity-scan.ps1) and instructions that execute standard system utilities such as find, wc, and sort, as well as third-party tools like rg (ripgrep) and madge. These are used for static analysis of code metrics and dependency mapping, which is consistent with the skill's stated purpose.
  • [EXTERNAL_DOWNLOADS]: The documentation and scripts reference external tools including madge and eslint-plugin-sonarjs. These are recommended for manual installation through official package managers (npm/pnpm) and are not automatically downloaded or executed from untrusted sources.
  • [DATA_EXPOSURE]: The skill is designed to read local source code files in the src/ directory to assess complexity. It does not attempt to access sensitive directories (e.g., .ssh, .aws), environment files, or credentials, nor does it perform network operations to exfiltrate the gathered metrics.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 02:02 PM