skill-architect
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a meta-utility that guides the user and agent through standardized skill development. It contains no executable malicious logic or harmful instructions.
- [COMMAND_EXECUTION]: Static detection triggers regarding destructive system commands (e.g., rm -rf /) are false positives. These strings appear strictly within educational context and security checklists as examples of dangerous practices to be avoided and audited for.
- [CREDENTIALS_UNSAFE]: The skill includes explicit security standards that forbid the use of hardcoded API keys and the distribution of sensitive environment files (.env), effectively promoting secure development practices.
- [EXTERNAL_DOWNLOADS]: The developer guidelines recommend the use of standard, well-known software packages (e.g., python-docx, python-dotenv) and official package managers, which is consistent with legitimate development activities.
- [SAFE]: The skill's review mode involves reading external skill files for auditing purposes; however, it focuses on formatting and structural compliance rather than execution, maintaining a safe operational profile.
Audit Metadata