Skills
skills/mondaycom/agentic-monday/monday-code-deploy/Gen Agent Trust Hub

monday-code-deploy

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute local build scripts (npm run build) and deployment commands through the mapps CLI tool.
  • [EXTERNAL_DOWNLOADS]: Instructions describe installing the @mondaycom/apps-cli tool from the official NPM registry, which is the vendor-provided utility for platform interaction.
  • [CREDENTIALS_UNSAFE]: The skill provides examples of setting sensitive credentials using CLI flags (e.g., mapps code:secret -v). While this follows the vendor's documented procedures, it involves handling secrets as command-line arguments.
  • [SAFE]: All identified tools, packages, and network domains are official resources owned by the skill's author (mondaycom), and the skill's behavior is consistent with its stated purpose of application deployment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 03:27 PM
Security Audit — agent-trust-hub — monday-code-deploy