Skills
skills/letta-ai/skills/setting-profile-images/Gen Agent Trust Hub

setting-profile-images

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git commands via Python's subprocess.run to manage agent memory files.
  • Evidence: subprocess.run(cmd, cwd=cwd, text=True, capture_output=True, check=False) in scripts/set_profile_image.py.
  • Behavior: The commands are restricted to standard git operations (git add, git commit, git rev-parse) performed within the agent's memory directory to track profile image changes.
  • [EXTERNAL_DOWNLOADS]: The skill uses the Python urllib library to optionally verify the updated profile image via the Letta backend API.
  • Evidence: urllib.request.urlopen(req, timeout=10) in verify_profile.
  • Behavior: This is a standard verification step that communicates only with the configured LETTA_BASE_URL using the provided LETTA_API_KEY to confirm the upload was successful.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:05 PM
Security Audit — agent-trust-hub — setting-profile-images