vendor-management
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides three deterministic Python scripts (vendor_scorer.py, sla_compliance_tracker.py, vendor_risk_classifier.py) that rely exclusively on the Python standard library. These tools perform calculations and generate markdown reports based on user-provided JSON inputs without any network access, subprocess calls, or dynamic code execution.
- [SAFE]: External references within the skill are limited to documentation and research from authoritative organizations and well-known services, including NIST, ISO, Gartner, AWS, Google Cloud, and Microsoft Azure. These links are for informational purposes only.
- [SAFE]: No hardcoded credentials, sensitive file path access, or obfuscated code patterns were detected across the skill's files.
- [SAFE]: While the skill ingests external data (user-provided JSON catalogs), the scripts utilize type casting (e.g., float(), int(), str()) for input processing, which ensures the data is handled as expected values rather than executable instructions.
Audit Metadata