skills/dnyoussef/ai-chrome-extension/when-verifying-quality-use-verification-quality/Gen Agent Trust Hub
when-verifying-quality-use-verification-quality
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes well-known development tools such as ESLint, SonarScanner, Jest, Cypress, Playwright, and Newman for their intended purposes of static and dynamic analysis.
- [SAFE]: Command execution is restricted to local project scripts (
npm run), standard CLI utilities, and framework-specific runners within the testing environment. - [SAFE]: Data processing involves aggregating locally generated JSON reports and formatting them into Markdown, HTML, and PDF artifacts without executing untrusted remote code.
- [SAFE]: The use of cryptographic signing via
opensslfor the certification phase is a standard practice for maintaining an audit trail and ensuring build integrity. - [SAFE]: Environment variables are used for sensitive configurations like
SONAR_TOKEN, following best practices for secret management in automated pipelines.
Audit Metadata