skills/terrylica/cc-skills/m3/Gen Agent Trust Hub

m3

Warn

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run local shell scripts (such as scripts/m3-verify, scripts/m3-probe.py, and scripts/minimax-check-upgrade) located within the plugin's source directory for model verification and benchmarking.- [EXTERNAL_DOWNLOADS]: The skill utilizes the uv tool to execute Python scripts with specific dependencies (requests, pillow), which involves downloading these external packages from the Python Package Index (PyPI) at runtime.- [COMMAND_EXECUTION]: Includes guidance on scheduling periodic background tasks using launchd templates, which is a mechanism for persistence that ensures maintenance scripts run automatically.- [COMMAND_EXECUTION]: Instructs the agent to autonomously modify its own configuration and documentation files (specifically SKILL.md) based on the results of verification scripts, a self-modification pattern that can lead to unexpected behavioral changes.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 26, 2026, 12:25 AM
Security Audit — agent-trust-hub — m3