cmux-dev-workflow

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructions for managing local development workflows using standard tools (Xcode, Zig) and local scripts. No malicious patterns such as remote code execution, data exfiltration, or obfuscation were detected.
  • [COMMAND_EXECUTION]: The instructions involve executing local repository scripts like ./scripts/setup.sh, ./scripts/reload.sh, and zig build. These commands are standard for project setup and compilation and do not utilize untrusted external inputs.
  • [DATA_EXFILTRATION]: Development communication is restricted to local temporary sockets (e.g., /tmp/cmux-debug-<tag>.sock) and CLI tools. There is no evidence of network-based exfiltration or access to sensitive user data like SSH or AWS credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 10:01 PM
Security Audit — agent-trust-hub — cmux-dev-workflow