doctor
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs structural and semantic validation of local plugin files (manifests, skills, agents) using standard Bash utilities and Python for JSON parsing.
- [SAFE]: It checks for the presence of required environment variables and credentials (e.g., TAVILY_API_KEY) for MCP servers but does not attempt to read or exfiltrate their values.
- [SAFE]: External tool recommendations, such as agent-browser from Vercel Labs or the portless utility, target well-known and trusted organizations or services.
- [SAFE]: The skill uses a platform-native hook mechanism to capture environment snapshots for diagnostics, which is consistent with its stated purpose.
- [SAFE]: Diagnostic procedures include verifying file integrity and schema compliance for local memory and configuration files, with no evidence of malicious data processing or exfiltration.
Audit Metadata