yao-bayesian-skill

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill executes Python scripts locally to perform statistical calculations. These scripts use only standard Python libraries and perform no network operations or sensitive file system access.
  • [SAFE]: The report generation logic in scripts/generate_report_bundle.py utilizes HTML escaping for all user-provided strings, effectively preventing cross-site scripting (XSS) vulnerabilities in the output files.
  • [SAFE]: All JavaScript included in the generated HTML reports is scoped to local UI functionality such as language toggling and print formatting, with no external data transmission.
  • [SAFE]: The skill uses a structured 'intake contract' and 'output contract' to guide the agent, maintaining clear boundaries and preventing unintended behavior or prompt manipulation.
  • [SAFE]: No obfuscation, hardcoded credentials, or persistence mechanisms were detected in any of the skill files or scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 01:04 PM