svalbard
Pass
Audited by Gen Agent Trust Hub on Jun 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust 'security-first' architecture, providing explicit instructions to the agent to prioritize authentication, authorization, and data protection. The instructions in
SKILL.mdspecifically prohibit the creation of malware, exfiltration features, or stealth behavior. - [COMMAND_EXECUTION]: The helper script
scripts/check-svalbard.mjsperforms local static analysis by scanning the filesystem for common security vulnerabilities (e.g., hardcoded secrets in.env, use ofdangerouslySetInnerHTML, or missing security headers). The script only reads files and reports findings to the console; it does not perform any network operations or execute arbitrary external code. - [SAFE]: The PowerShell wrapper
scripts/check-svalbard.ps1uses-ExecutionPolicy Bypassto facilitate the execution of the Node.js script. This is a standard practice for development-oriented CLI tools to ensure cross-environment compatibility on Windows systems. - [EXTERNAL_DOWNLOADS]: The README provides installation instructions using
npxandyarntargeting the official repository atgithub.com/wundercorp/svalbard-skill. These references are transparent and consistent with the stated authorship and vendor infrastructure.
Audit Metadata