yao-copyright-skill

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates entirely on local files and does not perform any network requests or data exfiltration. All dependencies are part of the Python standard library.
  • [COMMAND_EXECUTION]: The test suite in tests/test_add_copyright_comments.py uses subprocess.run() to verify script functionality. This is a standard testing practice and does not pose a security risk as it only executes the skill's own local script.
  • [DATA_EXPOSURE]: The script reads and writes to files within a user-specified directory. This behavior is the primary intended function of the skill and is governed by strict path-filtering rules and safety checks, such as skipping lock files, virtual environments, and generated content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:50 AM
Security Audit — agent-trust-hub — yao-copyright-skill