nika-authoring
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a technical documentation and style guide for the Nika workflow language, promoting secure development lifecycle practices.
- [COMMAND_EXECUTION]: While the skill describes how to use shell commands via the
exec:verb, it mandates a 'Native-first' policy that requires authors to exhaust built-in tools (likenika:read,nika:write, andnika:fetch) before resorting to shell execution. It also requires an 'Exec ledger' to justify any remaining shell commands. - [CREDENTIALS_UNSAFE]: The instructions explicitly promote secure secret handling, directing users to use environment or secret variables (
${{ secrets.X }}) and forbidding the inlining of credentials or their exposure in command arguments. - [DATA_EXFILTRATION]: The skill provides guidance on using
nika:fetchfor network operations but requires explicit declaration of egress sinks and secret masking in headers, which are standard security controls for workflow engines.
Audit Metadata