competitors-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute standard development commands such as
git clone,ls,cat, andgrepto analyze local code repositories. These commands are scoped to a specific workspace directory (~/Workspace/competitors/) and are necessary for the skill's primary purpose of repository analysis. - [EXTERNAL_DOWNLOADS]: The skill includes a shell script (
scripts/update-competitors.sh) and instructions to clone external GitHub repositories via SSH/HTTPS. This is documented as a core feature for analysis and involves standard source control operations. - [DATA_EXFILTRATION]: While the skill reads sensitive files like
package.json,Cargo.toml, and source code, it does so within the local filesystem for the purpose of generating analysis profiles. No network operations were found that transmit this sensitive data to an external, non-whitelisted domain; it strictly utilizes local file reading tools.
Audit Metadata