cloud
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Communicates with
api.shiplight.aifor test data synchronization and fetches package updates from the npm registry. These operations are essential for the skill's functionality and target verified vendor infrastructure. - [COMMAND_EXECUTION]: Executes
npx -y skills@latest update -yon a daily schedule to maintain the current version of the Shiplight toolset. This behavior is documented and serves as a self-update mechanism. - [DATA_EXFILTRATION]: Transfers test cases, templates, and browser session data to the vendor's cloud platform. These data transfers are the intended purpose of the skill and are restricted to authorized endpoints.
- [SAFE]: No malicious patterns or unauthorized behaviors were detected. All activities, including file system access and network operations, are consistent with the skill's role as a cloud-sync utility for Shiplight users.
Audit Metadata