vm0-agent
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the platform's official CLI tool (vm0) to execute administrative tasks such as deploying configurations, cloning agents, and managing schedules. These commands are consistent with the skill's stated purpose as a development SDK.
- [EXTERNAL_DOWNLOADS]: The skill interacts with the skills.sh API for capability discovery and references external code from trusted GitHub organizations, including Anthropics and Vercel, which is considered safe under the trust-scope rules.
- [CREDENTIALS_UNSAFE]: The skill implements secure secret management by instructing users to store sensitive API keys using the vm0 secret set command, which stores tokens remotely on the platform rather than hardcoding them in configuration files.
Audit Metadata