skill-evaluator
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill contains references to installation scripts for required coding-agent CLIs, such as the command
curl -fsSL https://claude.ai/install.sh | bash. These scripts originate from the official domains of well-known and trusted technology providers like Anthropic and Google. These references are provided solely as informational setup instructions for the user and are not automatically executed by the skill's runtime scripts. - [COMMAND_EXECUTION]: The harness invokes external binaries, including
claude,codex, andagy, usingsubprocess.runacross its main logic scripts (run_quality_eval.py,run_script_checks.py,run_trigger_eval.py). It employs documented bypass flags like--dangerously-skip-permissionsto allow for non-interactive headless operation, which is a core requirement for automated benchmarking. - [EXTERNAL_DOWNLOADS]: The skill references several external resources from official domains of well-known technology providers, such as Anthropic (
claude.ai), Google (antigravity.google), and Cursor (cursor.com). These references are used for informational purposes and guiding the user through the setup process for the agents being evaluated.
Audit Metadata