Skills
skills/tychohq/agent-skills/gog-safety/Gen Agent Trust Hub

gog-safety

Warn

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/build-gog-safe.sh clones a source repository from https://github.com/drewburchfield/gogcli-safe.git and executes go run ./cmd/gen-safety. This pattern represents the execution of unverified remote code from a third-party source during the build process.
  • [COMMAND_EXECUTION]: The skill uses ssh to execute commands on remote hosts that include sudo privileges to modify system directories (/usr/local/bin) and change file permissions (chmod +x). While these are common deployment actions, they represent high-risk privilege escalation on the target system.
  • [COMMAND_EXECUTION]: The skill relies on several system shell commands (git, go, scp) to perform its primary functions of downloading source code and building binaries.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 3, 2026, 01:32 AM