Skill Detail

Skill Installer v3.0

This skill installer validates, registers, and verifies new skills within the ecosystem.

GitHub:sickn33/antigravity-awesome-skills skill-installer

version dbb1b0f1a5e7

static analysis only

no human review yet

Needs Review

Current public label

Needs Review

Because the skill references secrets, it needs review to ensure they are handled securely.

This label is currently coming from the automated scorecard.

Automated result

Needs Review

The static analysis found references to secrets or credentials in the skill's scripts.

2 medium Final label: needs review.

Human review

No human review has been recorded yet.

The current public label is still relying on automation. A human has not weighed in yet.

What happened

Driftloom completed a static scan. It inspected the skill files, recorded findings, and generated a scorecard.

Runtime evidence

No sandbox runtime result has been recorded yet.

Driftloom currently recommends runtime testing for this version (priority 30).

What did not happen

Driftloom did not run this skill in an isolated sandbox yet.
This label is not a guarantee that the skill is safe, bug-free, or appropriate for every environment.
A good score does not replace human judgment when a skill touches secrets, shell access, or external systems.

Source provenance

Source: Workspace import

Originally ingested from a local workspace copy.

Scorecard

Safety

Quality

100

Transparency

100

Operational

Maintenance

2 medium Final label: needs review.

Severity mix: 2 medium

What Driftloom checked

Read the skill files and metadata to understand what the skill claims to do.
Looked for shell commands and risky command patterns, even if none stood out strongly.
Looked for external URLs and network behavior.
Looked for secret, token, password, and credential references.
Checked whether the skill structure and references looked internally consistent.

Findings

Secret or credential reference detected

secret.reference · safety

Medium

The source references credentials or secret material in executable or configuration context.

File: scripts/package_skill.py

Evidence: token

Secret or credential reference detected

secret.reference · safety

Medium

The source references credentials or secret material in executable or configuration context.

File: scripts/validate_skill.py

Evidence: secret

Latest scan metadata

Run type	Static
Status	Completed
Runner	control-plane:heuristic-scan
Duration	7 ms
Completed	2026-03-26 18:28

Scan history

Static

Completed ·

Runner: control-plane:heuristic-scan · 7 ms

Versions

dbb1b0f1a5e7

2026-03-26 18:28

/tmp/antigravity-awesome-skills/skills/skill-installer

Manual reviews

No manual reviews recorded yet.

Runtime artifacts

No runtime artifacts recorded.

All artifacts

source_bundle

/app/source_bundles/skill-installer/dbb1b0f1a5e7.tar.gz

analysis_summary

heuristic://skill-installer/None

source_snapshot

/tmp/antigravity-awesome-skills/skills/skill-installer

More from GitHub:sickn33/antigravity-awesome-skills

007 — Licenca para Auditar

007

High Risk

2D Game Development

game-development

Trusted

3D Game Development

game-development

Trusted

3D Web Experience

3d-web-experience

Trusted

A/B Test Setup

ab-test-setup

Trusted

Acceptance Orchestrator

acceptance-orchestrator

Trusted

See more from this publisher →