miniprogram-development

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves documentation and skill references from cnb.cool, which is a Tencent Cloud Native Builder domain. It also fetches development packages from the standard npm registry as part of its documented workflow.\n- [COMMAND_EXECUTION]: Utilizes npx to execute @cloudbase/cloudbase-mcp and mcporter. These are official command-line tools provided by the author (TencentCloudBase) to manage cloud services and authentication securely.\n- [SAFE]: The skill demonstrates safe secret management by using generic placeholders for appid and env-id and explicitly instructing the AI to use device-code authentication rather than embedding static credentials in configuration files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 05:46 PM
Security Audit — agent-trust-hub — miniprogram-development