setup-tool
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs network requests to the author's domain (agenticstack.sh) to retrieve tool categories and details. This behavior is consistent with the skill's stated purpose and uses vendor-owned infrastructure.
- [SAFE]: The skill provides setup guidance, including package installation commands and environment variable requirements, as instructions for the user. These commands are not executed automatically by the agent.
- [SAFE]: The instruction set includes explicit logic to prioritize structured data (boolean features) over free-text descriptions (body text) when making recommendations. This serves as a safeguard against potential indirect prompt injection that might be present in the external tool descriptions.
Audit Metadata