skill-manager

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches version metadata, changelogs, and commit data from official GitHub domains (github.com and raw.githubusercontent.com) to support its update-checking functionality.
  • [COMMAND_EXECUTION]: Utilizes standard shell utilities and the Git CLI to perform installation tasks, such as cloning repositories and creating symbolic links within the .claude/ configuration directory.
  • [SAFE]: Includes a dedicated security analysis module (scripts/security.py) that proactively scans newly installed skills for malicious patterns, including command execution, credential harvesting, and prompt injection, which enhances the overall security of the user's environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 04:24 AM
Security Audit — agent-trust-hub — skill-manager