skill-manager
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches version metadata, changelogs, and commit data from official GitHub domains (
github.comandraw.githubusercontent.com) to support its update-checking functionality. - [COMMAND_EXECUTION]: Utilizes standard shell utilities and the Git CLI to perform installation tasks, such as cloning repositories and creating symbolic links within the
.claude/configuration directory. - [SAFE]: Includes a dedicated security analysis module (
scripts/security.py) that proactively scans newly installed skills for malicious patterns, including command execution, credential harvesting, and prompt injection, which enhances the overall security of the user's environment.
Audit Metadata