readout
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill implements strong isolation by delegating the documentation generation to a local child agent, preventing the main conversation context from being cluttered with large amounts of researched data.
- [COMMAND_EXECUTION]: The
scripts/embed_snippets.pyscript executes localgitcommands usingsubprocess.runto extract file content for embedding. The implementation uses list-based arguments rather than shell strings, which is a security best practice to prevent command injection. - [EXTERNAL_DOWNLOADS]: The generated HTML documents include a code viewer (
assets/code-pane.html) that fetches thehighlight.jslibrary from Cloudflare's well-known CDN (cdnjs.cloudflare.com) only when the user opens the code pane. - [DATA_EXFILTRATION]: The code viewer supports accessing private repositories by requesting a user-provided GitHub Personal Access Token. This token is stored only in
sessionStorage(temporary browser memory for the current tab) and is never written to the document or transmitted to third parties other than GitHub's official API.
Audit Metadata