Skills
skills/jwmossmoz/agent-skills/skill-checker/Gen Agent Trust Hub

skill-checker

Pass

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts/check-skill.sh script downloads several auditing tools from external sources during its execution.
  • Fetches the skills-ref tool from the agentskills/agentskills GitHub repository via uvx.
  • Installs the waza tool from Microsoft's official GitHub organization and the skill-validator from the agent-ecosystem repository using go install.
  • Executes the skill-check package directly from the public npm registry using npx.
  • [COMMAND_EXECUTION]: The skill performs shell commands to manage its auditing environment and process report data.
  • Creates and manages artifact directories in the system /tmp/skill-checker/ location.
  • Performs a targeted cleanup of legacy validator output files (matching .skill-check.*.txt) within the skill directory being audited.
  • Uses perl for non-destructive, in-place processing of log files to remove terminal formatting codes.
Audit Metadata
Risk Level
SAFE
Analyzed
May 22, 2026, 01:02 AM
Security Audit — agent-trust-hub — skill-checker