Caution

create-readme

Name: create-readme Security Scan — CAUTION
Item: create-readme
Rating: 7

https://skills.sh/github/awesome-copilot/create-readme

Risk Score4

Publishergithub

TypeGitHub Copilot SKILL

Transparencymedium

This skill appears to be a simple README writer for a project. It does not include scripts or hidden files, which is a good sign, but it does tell the agent to use several public GitHub README files as inspiration. That means it may rely on network access even though its job is basically local documentation work. I would not call it malicious, but I would review or remove the external references before installing if you want a strictly local skill.

Package Info

SHA-2566d59b2dcd75a…

Size1.4 KB

Permission Map

Everything this skill can access, modify, and communicate with on your system.

Reads from

Project and workspace files needed to understand the repositoryPotentially public README examples at the listed raw.githubusercontent.com URLs

Writes to

README.md in the workspace

Talks to

Permissions Requested

Reads files on your machineCreates and modifies filesSends data to external serversRuns commands on your systemModifies your agent's settingsAccesses other agent sessionsWrites to your workspace filesRuns code on agent eventsCreates child agentsChanges available tools

Network Calls

raw.githubusercontent.com/Azure-Samples/serverless-chat-langchainjs/refs/heads/main/README.mdraw.githubusercontent.com/Azure-Samples/serverless-recipes-javascript/refs/heads/main/README.mdraw.githubusercontent.com/sinedied/run-on-output/refs/heads/main/README.mdraw.githubusercontent.com/sinedied/smoke/refs/heads/main/README.md

File Writes

README.md

create-readme

Flagged Behaviors (2)

How This Was Analyzed

Next Steps

About this scan

create-readme

What does this skill actually do?

What security issues were found?

Flagged Behaviors (2)

How was this scan performed?

How This Was Analyzed

Should you install this skill?

Next Steps