skill-best-practices

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows established best practices for agent skill development. It includes a metadata validation script (scripts/validate-metadata.py) that performs standard string and regex checks on skill names and descriptions.
  • [SAFE]: The command execution in SKILL.md is restricted to the bundled Python validation script using specific arguments provided by the agent. No evidence of shell injection or arbitrary command execution was found.
  • [SAFE]: All file operations and path resolutions are relative to the skill directory, adhering to local scope principles.
  • [SAFE]: No external network requests, data exfiltration patterns, or obfuscated content were detected in the instructions or scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 03:43 PM
Security Audit — agent-trust-hub — skill-best-practices