setup-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the '@puzzmo/cli' package from the npm registry as a development dependency. This is a standard procedure for using the vendor's official command-line tools.
- [COMMAND_EXECUTION]: The instructions suggest adding build and upload scripts to the 'package.json' file using the 'puzzmo' CLI command. These commands are localized to the project's build and deployment workflow.
- [CREDENTIALS_UNSAFE]: The documentation mentions using an authentication token with the 'puzzmo login' command. The use of a placeholder '' is standard for documentation and does not include hardcoded credentials. Additionally, the skill explicitly recommends adding '.env' to '.gitignore', which is a security best practice for protecting secrets.
Audit Metadata