artifact-management
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill consists of informational templates and configuration examples.
- [EXTERNAL_DOWNLOADS]: The skill references official images from Docker Hub (e.g., node:18-alpine) and well-known GitHub Actions (e.g., actions/checkout, docker/build-push-action). These references are standard for the described use case and point to trusted or well-known sources.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets or credentials were found. Examples demonstrate best practices by using secure placeholders such as GITHUB_TOKEN and CI_JOB_TOKEN for authentication.
- [COMMAND_EXECUTION]: Shell scripts and Dockerfiles contained within the examples use standard commands for building and versioning (e.g., git rev-parse, npm ci) which are appropriate for artifact management workflows.
Audit Metadata