devops-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Role instructions and constraints align with senior DevOps engineering standards, emphasizing automation, resource limits, and environment segregation.
- [SAFE]: The skill explicitly mandates the use of secret managers and prohibits hardcoding credentials in code, environment variables, or CI/CD configurations.
- [SAFE]: Containerization patterns utilize multi-stage builds and minimal base images, and they enforce the use of non-root users (USER 1001) to minimize the attack surface.
- [SAFE]: External dependencies and GitHub Actions are sourced from well-known and trusted providers including Docker, HashiCorp, and the GitHub Actions organization.
- [SAFE]: Provided shell scripts for automation, evidence collection, and platform orchestration use standard CLI tools and contain no evidence of exfiltration or malicious intent.
Audit Metadata