swarmvault
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructs the agent to install the @swarmvaultai/cli package from npm, which is a standard and well-known Node.js package registry.
- [SAFE]: The command execution patterns involving the swarmvault CLI are scoped to managing the project's knowledge vault, including tasks like initialization, data ingestion, and knowledge compilation.
- [SAFE]: Network activity initiated by the tool, such as fetching GitHub repositories or YouTube transcripts, is a core feature of the knowledge ingestion workflow and is triggered only by explicit user or agent instructions.
- [SAFE]: The skill promotes secure configuration practices by advising users to manage model provider credentials in local configuration files rather than hardcoding them.
- [SAFE]: The inclusion of a review-based workflow (e.g., compile --approve) ensures transparency and provides a manual checkpoint for the user to verify generated content before it is finalized.
Audit Metadata