monorepo-config
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference and recommendation engine for Chromatic monorepo configurations. It does not contain any executable code, shell scripts, or instructions that would compromise the host agent or user data.
- [EXTERNAL_DOWNLOADS]: The skill provides examples for GitHub Actions configurations in
reference/snippet-catalog.md. These examples referenceactions/checkout@v4andchromaui/action@latest. These are standard, well-known, and vendor-owned CI components used for their intended purpose in the provided documentation. - [COMMAND_EXECUTION]: The documentation includes example CLI commands (e.g.,
npx nx run ui:build-storybook). These are illustrative snippets for the user to implement in their own build pipelines and are not executed by the agent itself. - [PROMPT_INJECTION]: No attempts to override system prompts, bypass safety filters, or extract sensitive instructions were found in the skill content or metadata.
- [DATA_EXFILTRATION]: The skill does not access sensitive local files or perform unauthorized network operations. Examples of credential usage (e.g.,
${{ secrets.CHROMATIC_PROJECT_TOKEN }}) follow standard secure practices for CI/CD environments.
Audit Metadata