nav-loop
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected across any of the skill's files or scripts.\n- [COMMAND_EXECUTION]: The skill utilizes local Python scripts via the agent's Bash tool to manage task state. These scripts (phase_detector.py, stagnation_detector.py, exit_gate.py, status_generator.py) perform local data processing using standard libraries and do not execute dangerous system commands or network requests.\n- [REMOTE_CODE_EXECUTION]: No patterns for remote code execution or untrusted downloads were found. The subprocess.run calls flagged by static analysis are located within unit test files (test_*.py) and are used to verify the functionality of local scripts with controlled inputs.\n- [DATA_EXFILTRATION]: No network activity or sensitive file access was found; the skill operates entirely on local task metadata and context information.\n- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or access to sensitive credential paths (such as .ssh or .aws) were identified.
Audit Metadata