skills/shiplightai/agent-skills/cloud/Gen Agent Trust Hub

cloud

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Communicates with api.shiplight.ai for test data synchronization and fetches package updates from the npm registry. These operations are essential for the skill's functionality and target verified vendor infrastructure.
  • [COMMAND_EXECUTION]: Executes npx -y skills@latest update -y on a daily schedule to maintain the current version of the Shiplight toolset. This behavior is documented and serves as a self-update mechanism.
  • [DATA_EXFILTRATION]: Transfers test cases, templates, and browser session data to the vendor's cloud platform. These data transfers are the intended purpose of the skill and are restricted to authorized endpoints.
  • [SAFE]: No malicious patterns or unauthorized behaviors were detected. All activities, including file system access and network operations, are consistent with the skill's role as a cloud-sync utility for Shiplight users.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:39 PM
Security Audit — agent-trust-hub — cloud