treasures

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes instructions to install sub-skills from the treasures-io GitHub repository using the npx skills tool. This process uses a verified utility from a well-known source to manage agent instructions.
  • [COMMAND_EXECUTION]: Transparent shell commands are provided for user-initiated installation. These commands are standard for the toolset and do not involve unauthorized actions or obfuscated parameters.
  • [DATA_EXFILTRATION]: The skill architecture prevents the exfiltration of sensitive credentials by design. It uses a non-custodial delegated signer model, ensuring the AI agent never has access to or handles the user's private keys.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 07:45 AM
Security Audit — agent-trust-hub — treasures