turborepo
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of technical documentation and architectural guidance for Turborepo. It does not contain executable scripts or commands that perform dangerous operations.
- [SAFE]: External tools and packages mentioned (such as syncpack, manypkg, sherif, and turbo-ignore) are well-known, legitimate utilities in the JavaScript monorepo ecosystem.
- [SAFE]: Security instructions regarding credential management (e.g., TURBO_TOKEN, API_KEY) follow industry best practices, advising the use of environment variables and CI/CD secrets rather than hardcoded values.
- [SAFE]: No evidence of prompt injection, obfuscation, or data exfiltration was detected. The instructions are aligned with the stated purpose of build system optimization.
Audit Metadata