Skills
skills/jubscodes/get-shit-pretty/gspdev-runtime-compat/Gen Agent Trust Hub

gspdev-runtime-compat

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves a legitimate development purpose: tracking updates to AI runtime specifications and flagging 'drift' in a local installer file.
  • [SAFE]: Network operations are directed at fetching documentation from established technology platforms and official project domains. No data exfiltration or unauthorized network communication was identified.
  • [SAFE]: File system interaction is restricted to reading its own reference files and a specific local installer script (bin/install.js) using standard search and read tools.
  • [SAFE]: Indirect Prompt Injection analysis (Vulnerability Surface):
  • Ingestion points: Documentation URLs listed in SKILL.md and references/baseline.md processed by WebFetch.
  • Boundary markers: None present.
  • Capability inventory: WebFetch, WebSearch, Read, Glob, Grep, and Bash (specifically for grep on local files).
  • Sanitization: None present.
  • Assessment: The ingestion surface is required for the tool's core research function; no malicious instructions or exploits were found in the static content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 04:01 AM
Security Audit — agent-trust-hub — gspdev-runtime-compat