spritecook-upload-assets
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a PowerShell pattern using
Invoke-WebRequestto perform a file upload. This is used as a secure alternative to methods that might inadvertently log or display binary data in the terminal. - [DATA_EXFILTRATION]: The skill's primary function is to upload user-selected local files to the SpriteCook service. The instructions provide clear guidance on treating upload URLs and tokens as short-lived secrets, specifically advising against including them in manifests or user-facing output.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill is consistent with its stated purpose of managing assets for the SpriteCook platform.
Audit Metadata