watt
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches installation scripts and configuration schemas from well-known services and vendor-owned domains, such as fly.io and platformatic.dev.
- [REMOTE_CODE_EXECUTION]: Executes the official installation script for the Fly.io CLI via a shell pipe.
- [COMMAND_EXECUTION]: Performs various local system operations using tools like npm, npx, node, and the wattpm CLI to manage project dependencies, scaffold applications, and validate configuration files.
- [CREDENTIALS_UNSAFE]: Provides documentation and placeholders for configuring sensitive application secrets (e.g., DATABASE_URL, SESSION_SECRET, API keys) within environment files and cloud platform management tools, following standard secret management practices.
Audit Metadata