Skills
skills/aiskillstore/marketplace/devops-deployment/Gen Agent Trust Hub

devops-deployment

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The development environment configuration contains hardcoded default credentials intended for local use.
  • Evidence: templates/docker-compose.yml specifies POSTGRES_PASSWORD: postgres and DATABASE_URL=postgresql://postgres:postgres@db:5432/app.
  • [EXTERNAL_DOWNLOADS]: The skill templates reference external GitHub Actions and Terraform modules from third-party repositories.
  • Evidence: templates/github-actions-pipeline.yml uses aquasecurity/trivy-action@master and several official Docker and GitHub actions.
  • Evidence: templates/terraform-aws.tf references community-maintained modules from terraform-aws-modules via the Terraform Registry.
  • [COMMAND_EXECUTION]: The CI/CD pipeline templates define shell commands for building, testing, and auditing the application code.
  • Evidence: templates/github-actions-pipeline.yml includes automated steps executing npm ci, npm test, and npm audit in an ephemeral runner environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 10:38 AM