configure-secret-scan

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified.
  • [COMMAND_EXECUTION]: The skill utilizes the harness_update tool to modify pipeline configurations. This is the intended functionality for configuring security scans and is restricted to the Harness platform environment.
  • [CREDENTIALS_UNSAFE]: The skill correctly avoids hardcoding credentials. It explicitly instructs users to use Harness secret references (<+secrets.getValue(...)>) for scanner authentication, adhering to secure secret management practices.
  • [EXTERNAL_DOWNLOADS]: The skill references industry-standard security scanners (Gitleaks, Semgrep, Snyk, etc.) and redirects users to the official Harness platform for result viewing. These are trusted services in the context of CI/CD security.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 15, 2026, 12:57 AM