deploy-and-ci
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured guidance for repository analysis and CI/CD setup, identifying standard project files such as package.json and pyproject.toml without executing their content.
- [SAFE]: Explicit security instructions are provided to avoid logging secrets and to prioritize OIDC for secure publishing to registries like PyPI and npm.
- [SAFE]: Platform-specific guidance for Cloudflare, Vercel, and AWS encourages using official documentation and secure credential management, such as short-lived tokens.
- [SAFE]: Verification steps involve clean environment checks and smoke tests, which are standard practices for ensuring deployment integrity.
- [SAFE]: No malicious obfuscation, command injection, or data exfiltration patterns were identified across the skill's instructions and reference files.
Audit Metadata