astro-audit
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a collection of auditing guidelines and scripts designed to verify the security and performance of an Astro project.
- [COMMAND_EXECUTION]: The skill provides scripts and commands for local auditing tasks, such as secret scanning using
grep, code quality checks withastro check, and bundle analysis. These operations are restricted to the local project environment. - [EXTERNAL_DOWNLOADS]: The skill references and utilizes well-known, industry-standard auditing tools via
npx, including@axe-core/cli,pa11y,lighthouse,depcheck,playwright, andpurgecss. These are legitimate development dependencies. - [CREDENTIALS_UNSAFE]: The skill contains logic specifically designed to prevent the accidental exposure of credentials. It provides extensive patterns for secret scanning and correctly identifies hardcoded secrets as a blocking issue for release. All secrets mentioned in the documentation are non-functional placeholders or examples.
Audit Metadata