youmind-x-article

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard Node.js and NPM commands for dependency management and execution. The toolset is built from TypeScript source code provided in the repository.
  • [DATA_EXFILTRATION]: Network operations are strictly limited to the vendor's official API domains (youmind.com and cdn.gooo.ai). No unauthorized data transmission or exfiltration of sensitive system files was detected.
  • [CREDENTIALS_UNSAFE]: The skill adopts a secure-by-default posture for credentials. It does not store X (Twitter) authentication tokens locally; instead, it relies on a YouMind API key which the user is instructed to place in a standard configuration file (~/.youmind/config.yaml). Examples use non-functional placeholders.
  • [REMOTE_CODE_EXECUTION]: All code is local to the toolkit. Dependencies are standard, well-known packages from the NPM registry (commander, node-fetch, yaml).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:22 PM
Security Audit — agent-trust-hub — youmind-x-article