case-radar

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands via bash to interact with the local environment and external APIs. This includes checking for installed software (command -v agent-browser), verifying GitHub authentication (gh auth status), and using the GitHub API (gh api) to retrieve repository contents. These are standard operations for a developer-oriented research tool.
  • [EXTERNAL_DOWNLOADS]: The skill downloads external resources including images via curl and repository data via the GitHub API. It also utilizes agent-browser to navigate to and capture screenshots of external websites. These actions are transparently documented as part of the core functionality to provide "real-world" evidence to the user.
  • [PROMPT_INJECTION]: While the skill instructions include prompts for sub-agents (e.g., the "scan agent"), these are used to structure the research process and do not attempt to bypass safety filters or override the main agent's core constraints.
  • [DATA_EXPOSURE]: The skill accesses repository metadata and public web content. It does not target sensitive local files (like SSH keys or AWS credentials) or exfiltrate private data to unauthorized third-party servers.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 06:53 AM
Security Audit — agent-trust-hub — case-radar