Skills
skills/regenrek/agent-skills/homebrew-publish/Gen Agent Trust Hub

homebrew-publish

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Executes system commands including brew, gh, and language-specific build tools like npm, cargo, and go to manage the lifecycle of Homebrew packages and repositories.
  • [EXTERNAL_DOWNLOADS]: Fetches remote source code and binary assets via curl to compute cryptographic hashes and verify software integrity during the formula creation and update process.
  • [DATA_EXFILTRATION]: Performs network operations to retrieve external resources; these operations are limited to the intended purpose of checksum calculation and package building, with no evidence of unauthorized data transfer.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests external project metadata and URLs to construct Homebrew formulae via language-specific templates. This represents a standard software packaging workflow with no high-risk exploitation surface identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 05:35 AM
Security Audit — agent-trust-hub — homebrew-publish