code
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill implements an update check in
review-and-commit.mdandtry.mdthat retrieves versioning info from the vendor's repository (github.com/abpai/skills). This is a legitimate maintenance function. - [COMMAND_EXECUTION]: The
review-and-commit.mdfile contains dynamic context triggers that execute read-only git commands at load time to populate the agent's context with the current project status. - [COMMAND_EXECUTION]: The
scratchandtryworkflows involve the generation and execution of local exploration scripts. These operations are intended for isolated development environments and are central to the skill's stated utility. - [SAFE]: The provided auditing script (
scripts/audit-hexagon.ts) performs purely local static analysis of project structure and dependencies without external network access or risky command execution.
Audit Metadata