recoup-platform-build-workspace
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
mkdir -pto create a directory hierarchy (orgs/{slug}/artists/{slug}). This is a standard operation for workspace initialization and matches the skill's described purpose. - [DATA_EXPOSURE]: The skill accesses the
$RECOUP_ACCESS_TOKENenvironment variable for authentication. This is a recommended practice for handling sensitive credentials in development environments rather than hardcoding them. - [EXTERNAL_DOWNLOADS]: The skill makes
GETrequests to/api/organizationsand/api/artists. These endpoints appear to be part of the vendor's own API infrastructure and are used to retrieve the data necessary for scaffolding the workspace. - [DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration. The network operations are limited to authenticated API calls to the platform for which the skill is designed.
Audit Metadata