create-service
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill identifies deployment types and artifact sources by scanning local files such as Dockerfiles, Kubernetes manifests, and Helm charts. This file inspection is limited to configuration discovery and is consistent with the skill's primary function.
- [SAFE]: All external references point to well-known and trusted services, including Docker Hub, AWS (ECR, S3), Google Cloud (GCR, GAR, GCS), Azure (ACR), and GitHub. These are treated as safe sources for artifact and manifest storage.
- [SAFE]: Resource creation is performed through a specific MCP server tool (
harness_create), ensuring that operations are conducted within the authenticated context of the Harness platform. - [SAFE]: The skill uses placeholders and runtime inputs (e.g.,
<+input>) rather than hardcoding sensitive credentials or tokens.
Audit Metadata