Skills
skills/bitsky-tech/amphiloop/bridgic-amphibious/Gen Agent Trust Hub

bridgic-amphibious

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts/install-deps.sh script downloads the official installer for the uv package manager from https://astral.sh/uv/install.sh (or install.ps1 on Windows). astral.sh is the well-known domain for Astral's official Python tooling.
  • [REMOTE_CODE_EXECUTION]: The scripts/install-deps.sh script executes the downloaded uv installer directly via a shell pipe. This follows the standard and documented installation procedure for the tool.
  • [COMMAND_EXECUTION]: The framework includes a setup script (install-deps.sh) that manages the local development environment by initializing the project, configuring pyproject.toml, and using the uv tool to install and synchronize dependencies.
  • [PROMPT_INJECTION]: The framework processes user-supplied instructions (goals) and tool outputs. It implements an "Exposure" system to control data visibility to the LLM and "Cognitive Policies" to structure reasoning, which provides architectural mitigation against risks associated with untrusted data ingestion.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 01:21 PM