deploying-cloud-deception-with-decoy-resources

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions promote security best practices for cloud deception, emphasizing permission-less (deny-all) principals and high-fidelity logging.
  • [SAFE]: The included Python script scripts/process.py uses standard libraries to validate and report on a local JSON inventory file, with no unauthorized network or command execution capabilities.
  • [SAFE]: External references to services such as canarytokens.org and canary.tools are relevant to the skill's domain and point to well-known, reputable security tool providers.
  • [SAFE]: A minor inconsistency was noted between the author name in the metadata and the copyright holder in the license, though this does not impact the functionality or safety of the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:25 PM
Security Audit — agent-trust-hub — deploying-cloud-deception-with-decoy-resources