os-rocky-alma

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references and downloads migration scripts (such as migrate2rocky.sh and almalinux-deploy.sh) directly from the official Rocky Linux and AlmaLinux GitHub repositories and project domains. These sources are authoritative and trusted for the distribution's maintenance tasks.
  • [COMMAND_EXECUTION]: Provides several diagnostic shell scripts (scripts/01-system-health.sh, scripts/02-migration-check.sh, etc.) designed to audit system state. These scripts use standard Linux utilities like rpm, dnf, and uname to collect information without modifying the system configuration.
  • [SAFE]: The skill emphasizes security controls such as GPG key verification and the importance of enabling gpgcheck for repositories. No obfuscation, data exfiltration, or unauthorized persistence mechanisms were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 04:59 PM
Security Audit — agent-trust-hub — os-rocky-alma