yao-geo-comparison-builder

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script examples/hubspot-cn-demo/build_hubspot_cn_demo.py executes system commands via subprocess.run to perform document conversions using pandoc and to verify the layout of generated PDF files using standard utilities like pdfinfo and pdftotext.
  • [EXTERNAL_DOWNLOADS]: The demo script uses the urllib.request library to perform network status checks (HEAD and GET requests) on public brand URLs (e.g., HubSpot, Salesforce, Zoho) listed as sources in the comparison reports. This activity is part of the skill's 'source verification' feature and is restricted to retrieving HTTP status codes and basic headers.
  • [SAFE]: The skill's operations, including command execution and network access, are well-documented and restricted to the primary task of building and verifying document-based comparison reports. It includes sanitization measures such as HTML escaping and uses controlled arguments for subprocess calls.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 10:56 AM
Security Audit — agent-trust-hub — yao-geo-comparison-builder