apple-mac-cicd

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill guides the user through the standard Apple Developer ID signing and notarization process using official tools like notarytool and stapler and follows industry best practices for macOS software distribution.
  • [COMMAND_EXECUTION]: The skill includes shell scripts (validate-secrets.sh, scaffold-release-workflow.sh) designed to assist in repository setup. These scripts perform local environment checks and generate GitHub Actions workflow files using functional patterns for project initialization.
  • [EXTERNAL_DOWNLOADS]: The generated CI/CD workflows reference official and well-known GitHub Actions from the actions and pnpm organizations to handle repository operations, dependency management, and release publishing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 02:00 AM
Security Audit — agent-trust-hub — apple-mac-cicd