nika-authoring

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill acts as a technical documentation and style guide for the Nika workflow language, promoting secure development lifecycle practices.
  • [COMMAND_EXECUTION]: While the skill describes how to use shell commands via the exec: verb, it mandates a 'Native-first' policy that requires authors to exhaust built-in tools (like nika:read, nika:write, and nika:fetch) before resorting to shell execution. It also requires an 'Exec ledger' to justify any remaining shell commands.
  • [CREDENTIALS_UNSAFE]: The instructions explicitly promote secure secret handling, directing users to use environment or secret variables (${{ secrets.X }}) and forbidding the inlining of credentials or their exposure in command arguments.
  • [DATA_EXFILTRATION]: The skill provides guidance on using nika:fetch for network operations but requires explicit declaration of egress sinks and secret masking in headers, which are standard security controls for workflow engines.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 09:48 PM
Security Audit — agent-trust-hub — nika-authoring