letsencrypt
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
sudofor administrative tasks including package installation (apt install), service management (systemctl), and certificate generation (certbot). This level of privilege is necessary for the skill's primary purpose of managing system-wide TLS certificates. - [EXTERNAL_DOWNLOADS]: Instructions include downloading the
certbotandpython3-certbot-nginxpackages from official operating system repositories. This is a standard and expected operation for the described functionality. - [COMMAND_EXECUTION]: The Docker configuration for Traefik mounts the host's Docker socket (
/var/run/docker.sock). While this is the standard configuration for Traefik to dynamically discover and secure containers, it represents a high-privilege capability that should be used cautiously.
Audit Metadata