setup-cms
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts to detect CMS types and perform connection preflight checks. These scripts are referenced via a local directory variable and are used strictly for verification and detection logic.
- [CREDENTIALS_UNSAFE]: Sensitive information such as API keys and application passwords are collected via user prompts and stored in a local
.env.localfile. This is consistent with recommended secret management practices for local development environments and does not involve hardcoded credentials. - [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. Network connectivity tests are confined to the official API endpoints of the supported CMS platforms as part of the configuration process.
Audit Metadata