checkov
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security risks were identified. The skill provides standard documentation and installation instructions for a legitimate security utility.
- [COMMAND_EXECUTION]: The skill utilizes shell commands to install the Checkov package and run security scans (e.g.,
pip install checkov,checkov -d .), which is the expected behavior for a CLI tool. - [EXTERNAL_DOWNLOADS]: The skill references the official Checkov package from the public Python registry (PyPI) and well-known GitHub Actions from Bridgecrew and GitHub. These are established and trusted sources within the development ecosystem.
Audit Metadata