workspace
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Pulls the base container image from the vendor's official GitHub Container Registry (ghcr.io/allenai/asta:latest).
- [EXTERNAL_DOWNLOADS]: Fetches the skills package from the NPM registry using npx to initialize the environment plugins.
- [COMMAND_EXECUTION]: Automated setup via postCreateCommand and postAttachCommand installs plugins and starts a documentation preview service inside the container.
- [SAFE]: Implements secure token handling by interpolating the ASTA_TOKEN from the host environment instead of hardcoding credentials.
Audit Metadata