vector-setup
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage the environment, including installing packages via
npm, running verification tools withnpx, and registering an MCP server using theclaudeCLI utility. - [EXTERNAL_DOWNLOADS]: The skill fetches several Node.js packages from the official npm registry. These include the core
ruvectorpackage and related modules like@ruvector/pi-brainand@ruvector/ruvllm, which are within the vendor's namespace and use specific version pinning for consistency. - [SAFE]: All operations are consistent with the skill's stated purpose of bootstrapping a developer toolset. The use of standard package managers and official CLI tools for registration is a best practice for this use case.
Audit Metadata