morphe
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local build commands and packaging utilities such as zip and esbuild to prepare applications for the Morphe runtime.
- [EXTERNAL_DOWNLOADS]: Interacts with the Morphe service at morphe.zenmux.app for user authentication, obtaining presigned upload URLs, and triggering deployments.
- [CREDENTIALS_UNSAFE]: Accesses and manages authentication tokens stored in the sensitive file path ~/.morphe/auth.json, employing 0600 file permissions to ensure data privacy.
- [COMMAND_EXECUTION]: Utilizes system utilities like curl for high-performance file uploads to cloud storage via presigned URLs and zip for archive creation.
Audit Metadata