Skills
skills/tracekit-dev/tracekit-for-ai/tracekit-source-maps/Gen Agent Trust Hub

tracekit-source-maps

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the TraceKit CLI from the vendor's official GitHub repository using Homebrew or a direct download link.
  • [REMOTE_CODE_EXECUTION]: The skill provides a command to download and execute an installation script (install.sh) from the vendor's repository (Tracekit-Dev/cli). This pattern is common for developer tooling provided by the service vendor.
  • [COMMAND_EXECUTION]: The skill executes various shell commands to install dependencies, verify versions, and perform source map uploads. It also uses file system operations like find and rm to manage build artifacts.
  • [PROMPT_INJECTION]: The skill contains UX instructions directing the agent to automate authentication checks before prompting the user for manual setup. While flagged by automated scanners as a concealment pattern, this is a benign workflow optimization that ultimately guides the user through a standard verification process.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 10:15 AM