Adobe
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to pipe ExtendScript into Python bridge processes (e.g., 'python adapters/photoshop_adapter/photoshop_bridge.py --stdin'), which then execute code within target desktop applications like Photoshop and Illustrator.
- [EXTERNAL_DOWNLOADS]: Instructions include the installation of the 'flue' Python package from PyPI using 'pip install flue'. Both the package and the referenced GitHub repository ('github.com/SFKislev/flue') are vendor-owned resources belonging to the skill author.
- [DATA_EXPOSURE]: The instructions contain a hardcoded reference to a local Windows user directory ('C:\Users\fredd.claude\skills\flue\SKILL.md'), which appears to be a reference to the author's local configuration environment.
Audit Metadata