skillkit
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The toolkit includes security-focused utilities such as
security_scanner.pyandvalidate_skill.pythat scan for hardcoded secrets, injection risks, and dangerous patterns in other skills. Educational references to dangerous functions likeeval()andexec()in the security guide are correctly documented as risks to be avoided. - [COMMAND_EXECUTION]: The provided automation scripts (
init_skill.py,test_generator.py,migration_helper.py, etc.) perform legitimate file management and template generation tasks essential to the skill's purpose. They follow security best practices by using safe libraries such asyaml.safe_load. - [EXTERNAL_DOWNLOADS]: The skill uses established tools like
web_searchfor domain research and references well-known package registries for its configuration, which is standard for a development utility and consistent with its intended primary use case.
Audit Metadata