ticketsatwork
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill's instructions or scripts.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by requiring user credentials (TAW_USER, TAW_PASS) to be provided via environment variables rather than hardcoding them or storing them insecurely.
- [EXTERNAL_DOWNLOADS]: The skill relies on the 'patchright' library and a Docker image from the author's registry (ghcr.io/borski/ticketsatwork). These are consistent with the skill's stated purpose of providing an automated scraping interface for a site with bot protection.
- [DATA_EXFILTRATION]: The skill interacts exclusively with the legitimate service domain (ticketsatwork.com) for the purpose of searching and retrieving travel inventory. No unauthorized external communication was detected.
Audit Metadata