spritecook-upload-assets

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a PowerShell pattern using Invoke-WebRequest to perform a file upload. This is used as a secure alternative to methods that might inadvertently log or display binary data in the terminal.
  • [DATA_EXFILTRATION]: The skill's primary function is to upload user-selected local files to the SpriteCook service. The instructions provide clear guidance on treating upload URLs and tokens as short-lived secrets, specifically advising against including them in manifests or user-facing output.
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill is consistent with its stated purpose of managing assets for the SpriteCook platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 10:43 AM
Security Audit — agent-trust-hub — spritecook-upload-assets