codealive-context-engine
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system utilities (such as 'security', 'secret-tool', 'cmdkey', and 'powershell.exe') to interact with OS-native credential stores. This behavior is used solely for the secure storage and retrieval of the CodeAlive API key during setup and authentication.
- [EXTERNAL_DOWNLOADS]: The skill fetches code snippets and repository metadata from the vendor's official API (app.codealive.ai). These network operations are the intended primary function of the skill and utilize standard Python libraries.
- [DATA_EXFILTRATION]: No unauthorized data transmission was detected. The skill only sends user-initiated search queries and identifiers to the CodeAlive platform to retrieve relevant code information.
- [NO_CODE]: The skill is implemented entirely using the Python standard library and does not require or install any third-party packages, minimizing supply chain risks.
Audit Metadata