yao-geo-brand-graph
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script
scripts/collect_source_validation.pyperforms HTTP GET requests to verify the reachability of brand source URLs and extract page titles. This is a functional requirement for the skill's data verification process and uses standard Python libraries (urllib.request) with appropriate timeouts. - [COMMAND_EXECUTION]: The skill includes Python scripts for rendering reports (
render_yao_geo_brand_graph.py) and validating data. These scripts perform file I/O and document generation (Word, PDF, HTML) based on structured JSON input, following safe coding practices without dynamic execution of untrusted code. - [DATA_EXPOSURE_AND_EXFILTRATION]: The source validation script handles external URLs, but it is limited to metadata collection (HTTP status and titles) and does not access sensitive local files or environment variables.
- [SAFE]: The methodology documents (e.g.,
references/evidence-policy.md) explicitly incorporate privacy reviews and authorization checks, demonstrating a focus on data security and ethical handling of corporate information.
Audit Metadata