Skills
skills/netresearch/typo3-core-contributions-skill/typo3-core-contributions/Gen Agent Trust Hub

typo3-core-contributions

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes automation scripts that run standard development commands to facilitate contributions.
  • scripts/setup-typo3-coredev.sh executes git, ddev, composer, and ssh commands to initialize the environment and test service connectivity.
  • scripts/validate-commit-message.py uses subprocess.run to call git log and retrieve commit data for validation against project standards.
  • [EXTERNAL_DOWNLOADS]: The skill automates the retrieval of official project resources from established domains.
  • scripts/setup-typo3-coredev.sh clones the TYPO3 source code from the official GitHub organization.
  • scripts/create-forge-issue.sh and scripts/query-forge-metadata.sh interact with the official TYPO3 Forge API to manage development tasks.
  • [SAFE]: Analysis of the skill's scripts and documentation reveals a secure design that aligns with its stated purpose.
  • Credentials such as the Forge API key are managed via environment variables rather than being hardcoded.
  • Security documentation within the skill explicitly warns against the exposure of private SSH keys and emphasizes the use of official project infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 07:35 PM