Skills
skills/walletconnect/skills/license-compliance/Gen Agent Trust Hub

license-compliance

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes subprocess.run to invoke system tools including git, gh, npm, pnpm, yarn, and cargo. These tools are used for cloning repositories and extracting dependency metadata. For Javascript and Typescript projects, the scanner explicitly uses the --ignore-scripts flag during dependency installation to prevent the execution of potentially malicious lifecycle scripts from third-party packages.
  • [EXTERNAL_DOWNLOADS]: The skill connects to multiple well-known and trusted package registries (npm, PyPI, crates.io, Maven Central, NuGet, pub.dev) and the GitHub API to fetch license metadata. It also clones remote repositories for analysis as part of its core functionality.
  • [CREDENTIALS_UNSAFE]: To ensure higher rate limits for API requests, the skill retrieves the user's GitHub CLI authentication token via gh auth token. This token is used specifically for authenticating requests to the official GitHub API (api.github.com).
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external manifest files and remote repositories. While this data is technically untrusted, the skill limits the risk of indirect prompt injection by extracting structured dependency information and providing it to the agent in a JSON format. The analysis logic includes validation steps, such as checking the hostname of NuGet catalog entries, to ensure data is retrieved from legitimate sources.
  • Ingestion points: Remote GitHub repositories cloned to temporary directories and local dependency manifest files (e.g., package.json, Cargo.toml).
  • Boundary markers: The script produces structured JSON output; no explicit natural language boundary markers are used within the script-to-agent interface.
  • Capability inventory: The skill has capabilities for network access (HTTP GET), filesystem operations (read/write in temp and project directories), and command execution (package managers, git).
  • Sanitization: The skill employs URL encoding for package coordinates and validates hostnames for remote metadata lookups in the C# ecosystem.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 15, 2026, 08:26 AM
Security Audit — agent-trust-hub — license-compliance