hindsight-upgrade
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to
raw.githubusercontent.com/vectorize-io/hindsight-skillsto fetch version information. This is a legitimate operation targeting the vendor's official repository for update checking. - [REMOTE_CODE_EXECUTION]: The upgrade process involves pulling or cloning the latest code from
github.com/vectorize-io/hindsight-skills.gitand executing a local./setupscript. Since these operations are directed at the author's verified infrastructure and are the primary intended purpose of the skill, they are considered safe functionality. - [COMMAND_EXECUTION]: The skill executes internal utility scripts (
hindsight-config,hindsight-update-check) to manage local state and configuration files within the~/.hindsight-skillsdirectory. These operations are scoped to the skill's own environment and do not pose a security risk.
Audit Metadata