claude-plugins

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The validate-plugin.nu script includes functionality to clone external repositories from GitHub using git clone. This is triggered when validating a plugin from a marketplace definition that specifies an external source. While this involves downloading external content, it is a documented feature for validating third-party plugins and targets a well-known service (GitHub).
  • [COMMAND_EXECUTION]: The provided Nushell scripts (validate-plugin.nu, init-plugin.nu, format-plugin.nu) perform various system operations including directory creation (mkdir), file removal (rm -rf), and repository cloning (git clone). These operations are scoped to the plugin development workflow and do not exhibit malicious patterns like privilege escalation or unauthorized access to sensitive system paths.
  • [DATA_EXFILTRATION]: No evidence was found of scripts accessing sensitive local data (such as SSH keys or environment secrets) and transmitting it externally. Network activity is limited to the git clone operation for the purpose of plugin validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 01:24 AM