app-platform-router

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on executing system-level commands through the doctl, gh, psql, and aws CLIs to manage DigitalOcean resources, GitHub environments, and database schemas. These operations are core to the skill's functionality and are performed via well-defined helper scripts.
  • [EXTERNAL_DOWNLOADS]: The devcontainers and troubleshooting skills reference external templates and diagnostic container images from GitHub and the GitHub Container Registry (ghcr.io/bikramkgupta/*). These resources provide the environment parity and diagnostic tools necessary for the documented workflows.
  • [SAFE]: The repository implements a 'Zero-Knowledge' credential management pattern. Scripts such as secure_setup.sh generate secure passwords locally and inject them directly into GitHub Secrets, preventing the AI agent from seeing or leaking sensitive values in its context or logs.
  • [SAFE]: Potential dynamic execution vectors (like eval and exec identified in the sandbox documentation) are part of the primary intended use case for creating isolated AI code execution environments and do not represent a vulnerability in the skill's own operational logic.
  • [SAFE]: Database management scripts use parameterized SQL construction (via psycopg2.sql.Identifier) and explicit identifier validation to protect against SQL injection when creating multi-tenant schemas and users.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 07:42 AM
Security Audit — agent-trust-hub — app-platform-router