skills/openaec-foundation/speckle-claude-skill-package/speckle-agents-data-validator/Gen Agent Trust Hub
speckle-agents-data-validator
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified across the analyzed files. The skill provides legitimate utility for developers working with the Speckle SDK.
- [DATA_EXFILTRATION]: The skill uses the official
specklepyandSpeckle.Sdklibraries to interact with Speckle servers. Network operations are limited to standardoperations.send()andoperations.receive()calls to defined endpoints, with no evidence of sensitive data harvesting or exfiltration to unauthorized domains. - [COMMAND_EXECUTION]: Code snippets provided in the documentation (Python and C#) are focused exclusively on data validation logic, such as verifying array lengths, checking property types, and traversing object trees. There are no calls to dangerous system commands or subprocesses.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or credentials were found. Examples correctly use placeholders like
your-stream-idand reference standard SDK initialization patterns. - [PROMPT_INJECTION]: The instructional content is professional and focused on technical implementation. No attempts to override agent behavior, bypass safety filters, or extract system prompts were detected.
- [EXTERNAL_DOWNLOADS]: The skill references official Speckle documentation and guidance sites (e.g.,
docs.speckle.systems,speckle.guide), which are appropriate and safe resources for the stated purpose.
Audit Metadata