okf
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
scripts/install.shscript installs thepyyamldependency from standard Python package registries using pip or uv. - [COMMAND_EXECUTION]: The skill provides instructions for shell-based bundle management and includes an installer script that executes local Python code to perform structural validation of Markdown files.
- [SAFE]: The skill is designed to ingest and process external Markdown and YAML files (OKF bundles). It utilizes
yaml.safe_loadfor parsing, which is the recommended practice for securely handling structured data from external sources. - [SAFE]: The skill installation process uses
npx skills addtargeting the vendor's official repository, following standard procedures for agent skill management.
Audit Metadata