skills/jihe520/mathmodelagent/6verity/Gen Agent Trust Hub

6verity

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to run its internal validation script and standard system utilities such as typst for compilation and pdftoppm or imagemagick for visual layout verification. These operations are transparently documented and align with the skill's primary purpose.
  • [SAFE]: The skill implements a security-conscious leak check mechanism that specifically scans project files for internal environment metadata, such as temporary directory paths or workflow filenames, to prevent their inclusion in the final document output.
  • [SAFE]: Data ingestion is restricted to project-specific files like Typst sources and JSON result data. Technical analysis of the analysis script confirms that these inputs are parsed using safe static methods (regular expressions and standard JSON libraries) and do not provide a path for command injection or remote code execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 03:08 AM
Security Audit — agent-trust-hub — 6verity