Skills
skills/metalbear-co/skills/mirrord-ci/Gen Agent Trust Hub

mirrord-ci

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious instructions, obfuscation, or unauthorized data access patterns were detected across the skill files.
  • [COMMAND_EXECUTION]: The skill documents the use of standard CLI tools (mirrord, kubectl) required for Kubernetes CI integration. These commands are well-scoped to the skill's stated purpose of managing CI environments.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive variables such as KUBECONFIG and MIRRORD_CI_API_KEY by correctly instructing users to manage them as platform-specific secrets (e.g., GitHub Secrets, GitLab CI variables) rather than hardcoding them.
  • [REMOTE_CODE_EXECUTION]: The skill contains explicit warnings against using unverified remote pipe-to-shell installations, instead recommending pre-built trusted images or official package managers with pinned versions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 07:50 AM