qveris-official
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official vendor domain (qveris.ai) for all API requests, ensuring that data is transmitted to the intended service provider.
- [SAFE]: The implementation is lightweight and relies entirely on Node.js built-in
fetch, requiring no external packages or potentially malicious dependencies. - [SAFE]: Environment variables like
QVERIS_API_KEYare handled securely viaprocess.envand transmitted using Bearer authentication over HTTPS. - [SAFE]: Agent instructions are well-structured and provide explicit security guidance, such as advising against transmitting PII and outlining clear error recovery protocols.
- [SAFE]: No obfuscation, hidden commands, or persistence mechanisms were found in the scripts or documentation.
Audit Metadata