cmux-dev-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions for managing local development workflows using standard tools (Xcode, Zig) and local scripts. No malicious patterns such as remote code execution, data exfiltration, or obfuscation were detected.
- [COMMAND_EXECUTION]: The instructions involve executing local repository scripts like
./scripts/setup.sh,./scripts/reload.sh, andzig build. These commands are standard for project setup and compilation and do not utilize untrusted external inputs. - [DATA_EXFILTRATION]: Development communication is restricted to local temporary sockets (e.g.,
/tmp/cmux-debug-<tag>.sock) and CLI tools. There is no evidence of network-based exfiltration or access to sensitive user data like SSH or AWS credentials.
Audit Metadata