Pre-install eval

Token Profile eval report.

A machine-readable install decision for agents: task fit, Trust Score, Audit Score, install safety, permission surface, and a concrete validation plan before this skill touches a workspace.

Needs reviewMEDIUM RISKREVIEW POLICY
69
Eval
73
Trust
74
Audit
46
Safety

manual review

Test manually in an isolated workspace and compare against safer alternatives.

Required gates

Checks an agent must pass before install

Open JSON

Task fit

94

pass

Task wording matches this skill metadata.

  • Evaluate Token Profile before installing it in an agent workflow
  • web3-analytics
  • Workflow automation workflows; Claude Code teams; teams that value GitHub adoption signals

Install path

92

pass

Install handoff is available.

  • npx skills add consenlabs/token-profile

Install command safety

68

warn

credential-bearing install command, standard package or runtime install path

  • npx skills add consenlabs/token-profile

Trust score

73

warn

Good trust signals with a few areas worth checking before rollout.

  • Strong shortlist
  • 911 GitHub stars
  • MIT

Audit score

74

warn

Needs review

  • Permission surface may require sandboxing

Agent safety gate

46

warn

Sparse or mixed signals. Useful for discovery, but not for autonomous installation.

  • Test manually in an isolated workspace and compare against safer alternatives.
  • High-risk permission hints: Secrets or environment access

License clarity

86

pass

MIT

  • MIT

Permission surface

60

warn

secrets or environment access, filesystem or document access

  • Network access: medium
  • Filesystem access: medium
  • Secrets or environment access: high

Validation plan

What the agent should do next

  1. 1Inspect repository, README/SKILL.md, license, and recent commits before production use.
  2. 2Install in an isolated workspace or sandbox with no production secrets available.
  3. 3Run the smallest representative task and record files touched, commands run, network access, and outputs.
  4. 4Compare the selected skill against at least one alternative when the eval status is review or failed.
  5. 5Promote only after the agent reports a successful verification result and unresolved warnings are accepted.

Do not use when

Conditions that require another skill

  • teams that need a vendor-supported SLA
  • high-compliance environments without internal security review
  • No major risk signals from current metadata
  • High-risk permission hints: Secrets or environment access
  • Permission surface may require sandboxing
  • Quality score needs review

Supporting checks

Trust signals behind the decision

README/SKILL.md completeness

warn

74

Public metadata needs stronger README/SKILL.md context

Recent maintenance

warn

62

10mo since push

Alternatives available

pass

82

Alternative skills are available for comparison.