use-template

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses child_process.execSync to run npm install within the directory of the newly cloned template. This is used to install the necessary dependencies defined in the template's package.json file.
  • [DATA_EXFILTRATION]: The skill initiates a network request using the https module to gallery-telemetry.up.railway.app. This request transmits usage data (template ID and event type) to an external server. While the telemetry is described as anonymous and relates to the skill's functionality, the destination domain is not on the standard whitelist.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 08:03 PM
Security Audit — agent-trust-hub — use-template