cost-summary
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local JavaScript file (
plugins/ruflo-cost-tracker/scripts/summary.mjs) via the Node.js runtime to generate reports. - [DATA_EXFILTRATION]: The skill accesses internal usage and billing metadata, including total expenditure and budget limits, to provide a structured cost summary. This is the primary intended function of the skill.
- [SAFE]: The functionality is restricted to local vendor-provided scripts with no remote dependencies, obfuscated code, or signs of safety guideline bypass.
Audit Metadata