skill-discovery

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): scripts/install_skill.py utilizes the subprocess.run method with a list of arguments, which prevents shell injection. It also validates the skill identifier using a restrictive regular expression (^[@a-zA-Z0-9/_-]+$) before execution.
  • [EXTERNAL_DOWNLOADS] (SAFE): scripts/search_skills.py makes outbound network requests to the official claude-plugins.dev domain to fetch skill metadata. This is required for the skill's discovery features and does not involve executing arbitrary remote code.
  • [DATA_EXFILTRATION] (SAFE): The code was inspected for sensitive data access and exfiltration patterns. No hardcoded credentials, access to sensitive file paths (like ~/.ssh or ~/.aws), or unauthorized network transmissions were found.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:30 PM