Skills
skills/zhinkgit/embeddedskills/workflow/Gen Agent Trust Hub

workflow

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to execute various sub-scripts (e.g., keil_build.py, gcc_build.py, jlink_exec.py) located within the repository structure. The commands are constructed as lists of arguments, and the executable is the current Python interpreter (sys.executable), which follows security best practices to prevent shell injection.
  • [DYNAMIC_EXECUTION]: The script uses __import__ to dynamically load the standard time module for performance tracking. This is a common pattern for timing operations and is not used for executing untrusted code.
  • [DATA_EXPOSURE]: The skill manages project-specific state and configuration in a local .embeddedskills directory. This data is stored locally and is not transmitted over the network.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 09:54 AM