workos-migrate-descope
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The provided files consist entirely of metadata (plugin.json) and a static YAML rule definition (.rules.yml). There are no scripts, shell commands, or logic-based instructions that the agent would execute.
- [EXTERNAL_DOWNLOADS] (INFO): The metadata references a GitHub repository (github.com/workos/skills). This is a standard metadata field for attribution and does not involve automated downloads or runtime remote code execution within the analyzed scope.
Audit Metadata