Usql Eval
=========

Status: failed
Score: 86/100
Risk: high
Decision: do_not_auto_install
Policy: block
Reason: Permission surface: shell or command execution, filesystem or document access

Install:
npx skills add xo/usql

Required checks:
- PASS Task fit: Task wording matches this skill metadata.
- PASS Install path: Install handoff is available.
- PASS Install command safety: standard package or runtime install path
- PASS Trust score: Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.
- PASS Audit score: Safe to try
- WARN Agent safety gate: Usable candidate, but the agent should surface permission and audit notes before installation.
- PASS License clarity: MIT
- FAIL Permission surface: shell or command execution, filesystem or document access

Warnings:
- Agent safety gate: Usable candidate, but the agent should surface permission and audit notes before installation.
- README/SKILL.md completeness: Public metadata needs stronger README/SKILL.md context
- High-risk permission hints: Shell or command execution
- Permission surface may require sandboxing
- Permission surface needs review: shell or command execution, filesystem or document access
- Permission surface: shell or command execution, filesystem or document access

Validation plan:
1. Inspect repository, README/SKILL.md, license, and recent commits before production use.
2. Install in an isolated workspace or sandbox with no production secrets available.
3. Run the smallest representative task and record files touched, commands run, network access, and outputs.
4. Compare the selected skill against at least one alternative when the eval status is review or failed.
5. Promote only after the agent reports a successful verification result and unresolved warnings are accepted.

Do not use when:
- teams that need a vendor-supported SLA
- high-compliance environments without internal security review
- No major risk signals from current metadata
- High-risk permission hints: Shell or command execution
- Permission surface may require sandboxing
- Permission surface needs review: shell or command execution, filesystem or document access
- Permission surface: shell or command execution, filesystem or document access
- Production credentials, payments, or irreversible account changes without explicit human review

URLs:
- Skill: https://www.openagentskill.com/skills/xo-usql
- Audit: https://www.openagentskill.com/skills/xo-usql/audit
- JSON: https://www.openagentskill.com/api/agent/evals?slug=xo-usql