analysis-provenance

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/check_provenance.py utilizes subprocess.run to execute git ls-files. This is used to determine if a target path is tracked within the local repository. The command is implemented securely using an argument list with the default shell=False setting, which avoids command injection risks.
  • [DATA_EXFILTRATION]: The skill performs deep inspection of the local filesystem, including reading package.json, .gitmodules, and the initial lines of target files to search for copyright or generation markers. All operations are confined to the local environment, with no network libraries or exfiltration patterns detected.
  • [REMOTE_CODE_EXECUTION]: The skill does not download or execute any external scripts or packages. It relies solely on the provided local Python script and standard library modules.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 03:45 PM