Skills
skills/trpc-group/trpc-agent-go/oracle/Gen Agent Trust Hub

oracle

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious behavior or security violations were identified. The skill documentation specifically promotes safety by instructing users to redact secrets and sensitive files like .env or authentication tokens before use.
  • [EXTERNAL_DOWNLOADS]: The skill metadata specifies the installation of the @steipete/oracle package from the NPM registry. This is the legitimate package associated with the 'oracle' tool and the official domain askoracle.dev.
  • [COMMAND_EXECUTION]: The instructions demonstrate standard usage of the oracle CLI for tasks such as dry runs, token estimation, and session management. This includes usage via npx for help menus.
  • [DATA_EXFILTRATION]: The core functionality of the described tool involves sending selected project files to external LLM providers (OpenAI, Gemini, etc.). This is the intended primary purpose of the skill, and the documentation provides clear guidance on limiting the scope of shared data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 01:08 AM
Security Audit — agent-trust-hub — oracle