openapi-swagger
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several well-known industry tools for installation via npm, including
@apidevtools/swagger-cli,@openapitools/openapi-generator-cli,@stoplight/spectral-cli,@stoplight/prism-cli, and@redocly/cli. These are established packages used for API validation, linting, code generation, and documentation. - [COMMAND_EXECUTION]: Provides standard CLI instructions for API development workflows, such as validating specifications, generating client SDKs and server stubs, and running mock servers using Prism. These commands are executed locally by the user and are consistent with the skill's primary purpose.
- [CREDENTIALS_UNSAFE]: While the skill includes code examples with 'accessToken' and 'password' fields, these utilize clearly labeled placeholders like 'your-jwt-token' and 'securepassword', which does not constitute a security risk.
- [DATA_EXFILTRATION]: No patterns of unauthorized data access or network-based exfiltration were detected. Remote references point to well-known documentation and font services (e.g., Google Fonts, Redocly CDN).
Audit Metadata