oracle
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to download and execute the
@steipete/oraclepackage from the npm registry usingnpx. - [COMMAND_EXECUTION]: The functionality is accessed through various shell commands for bundling files, performing dry runs, and managing sessions.
- [DATA_EXFILTRATION]: By design, the tool aggregates local file content (source code, documentation) to be processed by external AI services via API or browser automation. The skill documentation includes specific safety sections advising users to exclude secrets like
.envfiles and auth tokens from these uploads.
Audit Metadata