中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 0/100
Last scan:2 days ago Rescan
0 /100
genealogy-agent
Extracts family history from raw text, builds a local knowledge graph, generates Mermaid trees, and exports to Obsidian format.
A legitimate genealogy research agent with properly declared file I/O and documented web search functionality. No malicious indicators detected.
Skill Namegenealogy-agent
Duration25.7s
Enginepi
Safe to install
This skill is safe for use. No security concerns identified.
ResourceDeclaredInferredStatusEvidence
Filesystem WRITE WRITE ✓ Aligned SKILL.md line 13-17 declares file generation (graphs, vaults, exports)
Network READ READ ✓ Aligned SKILL.md line 10 declares 'Auto-Research' with web search; research.py uses duck…

File Tree

9 files · 27.0 KB · 695 lines
Python 6f · 538L JSON 1f · 93L Markdown 2f · 64L
├─ 📁 scripts
│ ├─ 🐍 build_graph.py Python 51L · 1.9 KB
│ ├─ 🐍 export_gedcom.py Python 139L · 5.1 KB
│ ├─ 🐍 extract.py Python 52L · 2.1 KB
│ ├─ 🐍 generate_mermaid.py Python 59L · 2.0 KB
│ ├─ 🐍 generate_obsidian.py Python 112L · 3.5 KB
│ └─ 🐍 research.py Python 125L · 5.2 KB
├─ 📝 README.md Markdown 29L · 1.8 KB
├─ 📋 skill.json JSON 93L · 3.4 KB
└─ 📝 SKILL.md Markdown 35L · 2.1 KB

Dependencies 3 items

PackageVersionSourceKnown VulnsNotes
pydantic * pip No Standard data validation
litellm * pip No LLM abstraction layer
duckduckgo-search * pip No Documented web search functionality

Security Positives

✓ All capabilities explicitly declared in SKILL.md (file generation, web research)
✓ No shell execution, subprocess, or eval() usage
✓ No credential harvesting or environment variable iteration for sensitive keys
✓ No base64 encoding/decoding or obfuscated payloads
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ Network access limited to documented DuckDuckGo search functionality
✓ Filesystem operations only for genealogy data (graphs, markdown, GEDCOM)
✓ Clean dependency set: litellm, pydantic, duckduckgo-search
✓ Standard CLI pattern with proper argument handling