yao-copyright-skill
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely on local files and does not perform any network requests or data exfiltration. All dependencies are part of the Python standard library.
- [COMMAND_EXECUTION]: The test suite in
tests/test_add_copyright_comments.pyusessubprocess.run()to verify script functionality. This is a standard testing practice and does not pose a security risk as it only executes the skill's own local script. - [DATA_EXPOSURE]: The script reads and writes to files within a user-specified directory. This behavior is the primary intended function of the skill and is governed by strict path-filtering rules and safety checks, such as skipping lock files, virtual environments, and generated content.
Audit Metadata