gear
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and documentation promote rigorous security practices, including SHA-pinning for GitHub Actions, non-root users for containers, and the use of 'distroless' images to minimize attack surfaces.
- [EXTERNAL_DOWNLOADS]: Reference documentation includes standard installation procedures for well-known development tools, such as the Bun runtime via official vendor URLs. These are documented neutrally as legitimate configuration steps.
- [COMMAND_EXECUTION]: The skill is designed to manage development environment tools (npm, docker, kubectl). Its core contract includes safety guardrails like 'diagnose before fixing', change limits per session, and mandatory build verification after modifications.
Audit Metadata