skills/cristoslc/swain/swain-design/Gen Agent Trust Hub

swain-design

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a robust workflow for managing documentation artifacts using well-defined templates and lifecycle phases.
  • [COMMAND_EXECUTION]: Shell and Python scripts execute standard development tools such as git, gh (GitHub CLI), and jq. These operations are consistent with the skill's purpose of repository and documentation management. Commands are invoked using argument lists rather than shell-string evaluation, reducing injection risks.
  • [EXTERNAL_DOWNLOADS]: The readability-check.sh script utilizes uv to dynamically install the well-known textstat library from the standard Python Package Index (PyPI). This is used for calculating Flesch-Kincaid readability scores for documentation.
  • [NO_CODE]: While the skill contains numerous scripts, they are dedicated to local text processing, frontmatter parsing, and repository structure maintenance. No arbitrary remote code execution or exfiltration patterns were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 09:46 PM
Security Audit — agent-trust-hub — swain-design