typesense
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues or malicious patterns were detected in the skill instructions or scripts.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download official Typesense software via Docker (
typesense/typesense) and installs official client libraries from trusted package registries including PyPI (pip install typesense) and NPM (npm install typesense). These sources are reputable and standard for the intended functionality. - [COMMAND_EXECUTION]: The provided
scripts/install.shscript executes standard shell commands to manage Docker containers and install Python packages. It uses appropriate flags such as--userand--break-system-packageswhere necessary to ensure compatibility with various host environments without requiring elevated privileges. - [CREDENTIALS_UNSAFE]: The skill correctly uses placeholders like
CHANGE_ME_STRONG_KEYin examples and a default development-only key (dev-only-change-me) in its local installer script, encouraging users to set strong, unique keys for production environments.
Audit Metadata