claude-code-expert
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational content and templates for project configuration without executing malicious commands.
- [SAFE]: The documentation explicitly warns against committing credentials or
.envfiles to repositories. - [SAFE]: Configuration examples for MCP servers use environment variable interpolation (e.g.,
${GITHUB_TOKEN}) rather than hardcoding sensitive tokens. - [SAFE]: External references to Node.js packages (e.g.,
@anthropic/mcp-server-slack,@modelcontextprotocol/server-github) target official and well-known repositories within the developer ecosystem.
Audit Metadata