get-brand-assets
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates with api.gooseworks.ai, which is the official infrastructure for the skill author, gooseworks-ai. All network requests are proxied through this verified endpoint.
- [SAFE]: The setup process reads credentials from ~/.gooseworks/credentials.json. This is the standard configuration path for gooseworks-ai tools and is used appropriately to authenticate API requests.
- [SAFE]: Local command execution (curl, python3) is used solely for standard tasks like parsing configuration and making authorized API calls. No suspicious or obfuscated commands were found.
- [SAFE]: No evidence of prompt injection, data exfiltration to third parties, or persistence mechanisms was detected during the analysis.
Audit Metadata