Skills
skills/vibeeval/vibecosystem/ci-pipeline-patterns/Gen Agent Trust Hub

ci-pipeline-patterns

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation and templates for CI/CD workflows using standard industry practices.
  • [EXTERNAL_DOWNLOADS]: The skill references official GitHub Actions and well-known third-party actions including:
  • actions/checkout@v4 (GitHub official)
  • actions/setup-node@v4 (GitHub official)
  • actions/upload-artifact@v4 (GitHub official)
  • actions/cache@v4 (GitHub official)
  • docker/build-push-action@v5 (Docker official)
  • trufflesecurity/trufflehog@main (Truffle Security)
  • github/codeql-action/analyze@v3 (GitHub official)
  • dorny/paths-filter@v3 (Well-known community action)
  • [COMMAND_EXECUTION]: Includes standard CI commands such as npm ci, npm run lint, npx nx, and npx turbo. These are used within the context of build pipeline templates and do not represent a security risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 05:43 PM
Security Audit — agent-trust-hub — ci-pipeline-patterns