onboardingV2
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs companion agent skills (e.g.,
mcp-configure,sdk-install,launchdarkly-flag-create) from the vendor's official GitHub repositories (launchdarkly/experimental-agent-skillsandlaunchdarkly/agent-skills). - [COMMAND_EXECUTION]: Executes shell commands to detect project structure, check port availability (e.g.,
lsof), and install SDK dependencies using native package managers (npm, pip, dotnet, etc.). - [CREDENTIALS_UNSAFE]: Safely manages LaunchDarkly SDK keys and API access tokens. It uses mandatory decision points (D7 and D4-LOCAL) to ensure the user explicitly approves how secrets are stored, recommending
.envfiles and verifying they are listed in.gitignoreto prevent credential leakage. - [SAFE]: The skill implements experience detection to adjust its guidance level and follows strict sequence enforcement to ensure security configurations, such as MCP authorization, are verified before proceeding.
Audit Metadata