turborepo
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a guide for configuring and optimizing Turborepo monorepos. It provides structured workflows and best-practice patterns without introducing executable malicious code.
- [SAFE]: Instructional language and structural warnings (e.g., regarding 'Root Tasks' or 'globalDependencies') are domain-specific best practices and do not constitute prompt injection or safety bypass attempts.
- [SAFE]: Environment variables and secrets mentioned in the documentation (such as 'TURBO_TOKEN', 'API_KEY', or 'AWS_SECRET_KEY') are consistently treated as placeholders or configuration examples, encouraging secure management practices like using '.env' files and CI secrets.
- [SAFE]: External references and dependencies are limited to well-known, trusted technology services (Vercel, GitHub) and established community tools for monorepo management (e.g., 'syncpack', 'manypkg', 'sherif').
Audit Metadata