review-agent-setup

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install an external plugin and run utilities via npx.
      • Fetches the wshobson/agents/review-agent-governance plugin, which is a resource provided by the skill author.
      • Uses npx @veritasacta/verify to perform offline verification of audit receipts.
      • Uses npx protect-mcp@0.5.5 for policy evaluation during tool calls.
  • [COMMAND_EXECUTION]: The skill provides configuration examples and manual setup steps that involve executing shell commands.
      • Instructions include using touch, rm, mkdir, and echo for local environment management (e.g., managing a flag file for approvals and updating .gitignore).
      • Provides a configuration snippet for shell hooks that execute npx protect-mcp to evaluate agent actions against a Cedar policy before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 01:13 AM