yao-geo-intent-miner

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes Python helper scripts (render_intent_miner_report.py, check_report_layout.py) that automate report generation and layout verification. These scripts use subprocess.check_call and subprocess.check_output to interact with system tools like chromium and pdfinfo. These operations are performed securely using argument lists instead of shell strings, preventing potential command injection.
  • [EXTERNAL_DOWNLOADS]: The methodology documentation references trusted resources and official product pages (e.g., from HubSpot, Google, and research institutions) to support fact calibration and quality standards. No suspicious or unverified third-party code downloads are performed.
  • [SAFE]: A detailed audit of the skill instructions and supporting scripts found no evidence of prompt injection, data exfiltration, or obfuscation techniques. The skill follows established software engineering best practices for its stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 10:56 AM
Security Audit — agent-trust-hub — yao-geo-intent-miner