Skills
skills/lovstudio/skills/lovstudio-find-logo/Gen Agent Trust Hub

lovstudio-find-logo

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill is implemented entirely with Python's standard library (urllib, html.parser, argparse), avoiding the risks associated with third-party dependencies.
  • [EXTERNAL_DOWNLOADS]: The skill fetches public brand assets from well-known and trusted services.
  • Downloads logos from logo.clearbit.com and google.com's favicon service.
  • Scrapes brand websites for metadata-defined images (og:image, twitter:image, favicon).
  • Implements a 10-second timeout on all network requests to prevent resource exhaustion.
  • [COMMAND_EXECUTION]: Local script execution is restricted to the specific find_logo.py tool. The script employs a slugify function to sanitize input strings before using them in filesystem operations, preventing directory traversal or command injection through filenames.
  • [DATA_EXFILTRATION]: No sensitive file access or credential harvesting patterns were detected. File operations are confined to the dedicated ~/.lovstudio/logo-collection/ directory.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 09:43 AM