Skills
skills/jgamaraalv/ts-dev-kit/yolo/Gen Agent Trust Hub

yolo

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands via dynamic context injection (!) in the SKILL.md file to detect local environment state, such as checking if Docker or VS Code is installed and verifying project structure.
  • [COMMAND_EXECUTION]: Instructs the agent to start the Docker daemon using sudo systemctl start docker on Linux systems if the service is not already running.
  • [COMMAND_EXECUTION]: Configures a targeted privilege escalation in the Dockerfile by granting the non-root 'node' user passwordless sudo access exclusively for the /usr/local/bin/init-firewall.sh script to allow network configuration at startup.
  • [EXTERNAL_DOWNLOADS]: Fetches dynamic IP ranges from the official GitHub API (api.github.com/meta) to populate the firewall whitelist, ensuring the container can access Git services while blocking other traffic.
  • [REMOTE_CODE_EXECUTION]: The Dockerfile downloads and executes a third-party ZSH configuration script from a public GitHub repository (deluan/zsh-in-docker) to set up the shell environment.
  • [REMOTE_CODE_EXECUTION]: Downloads and installs the git-delta binary directly from its GitHub releases page during the container build process.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 04:41 AM