ci-generate
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Executes a local shell command to validate the syntax of generated YAML files.
- Evidence: The skill uses
python3 -c "import yaml; yaml.safe_load(open('.github/workflows/ci.yml'))"in Phase 5.1 to verify configuration integrity. - [EXTERNAL_DOWNLOADS]: Triggers external web searches to identify current industry best practices.
- Evidence: Phase 2 instructions direct the agent to query for platform-specific best practices and security scanning tools.
- [SAFE]: Implements a standard data ingestion and file generation workflow with safety checks.
- Ingestion points: Reads local project files like
package.json,pyproject.toml, and.node-versionin Phase 1. - Boundary markers: Explicitly instructs the agent to verify that discovered commands exist before referencing them and to use exact discovered commands without invention.
- Capability inventory: Performs file system reads and writes, and executes local validation commands as specified in Phase 4 and Phase 5.
- Sanitization: Employs
yaml.safe_load()for validation, which is the recommended method for preventing unsafe YAML deserialization.
Audit Metadata