Skills
skills/codeatcode/oss-ai-skills/zed-editor/Gen Agent Trust Hub

zed-editor

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructional examples for downloading external resources, such as language server binaries, using zed::download_file and fetching assets from GitHub releases via zed::latest_github_release.
  • [COMMAND_EXECUTION]: The documentation outlines how to launch external processes, including Language Server Protocol (LSP) and Model Context Protocol (MCP) servers, using the zed::Command API within the extension's worktree.
  • [REMOTE_CODE_EXECUTION]: The skill describes common patterns for fetching remote binaries from GitHub, downloading them to a local cache, and utilizing zed::make_file_executable to run them. These patterns are standard for the described purpose of building editor plugins.
  • [SAFE]: The skill includes an explicit security section documenting Zed's sandboxing mechanism and the 'granted_extension_capabilities' configuration, which ensures that extensions cannot perform network operations or execute commands without explicit user consent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 08:54 AM
Security Audit — agent-trust-hub — zed-editor