rde-eval

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: References the author's GitHub repositories (github.com/millionco/react-doctor and github.com/millionco/react-doctor-evals) to fetch the harness and the monorepo being tested.
  • [EXTERNAL_DOWNLOADS]: Uses standard package management commands (pnpm install) to set up the local development environment.
  • [COMMAND_EXECUTION]: Instructs the user to run local CLI tools via Node.js (node dist/cli.js) to process the repository corpus and generate parity reports.
  • [SAFE]: Recommends the use of a .env.local file for managing sensitive API tokens (VERCEL_TOKEN, AXIOM_TOKEN), which is an industry-standard practice for secret management.
  • [SAFE]: Includes a diagnostic curl command for verifying Vercel token connectivity against the official Vercel API endpoint (api.vercel.com).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 06:43 AM
Security Audit — agent-trust-hub — rde-eval