plugin-testing
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the user or agent to run standard development and diagnostic commands (e.g.,
npm test,npm run test:e2e,grep,diff,ls,cat) within a specific local workspace directory (/Users/engineer/workspace/opencode-reflection-plugin). - [DATA_EXPOSURE_AND_EXFILTRATION]: The instructions involve reading local configuration files (e.g.,
~/.config/opencode/tts.json) and local plugin data directories (.reflection/,.tts/). These actions are consistent with the stated purpose of verifying plugin configurations and data storage requirements. - [REMOTE_CODE_EXECUTION]: No remote code execution patterns, unauthorized downloads, or piped shell executions from external sources were detected. All execution remains within the local project context using standard package manager commands.
Audit Metadata