agent-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides a Dockerfile that downloads an installation script from the official claude.ai domain. This is an expected behavior for configuring the Claude CLI environment mentioned in the guide.
- [COMMAND_EXECUTION]: Contains templates for shell commands used in project initialization, session management, and Git workflows. These are intended for user-led productivity and setup within a development environment.
- [DATA_EXFILTRATION]: Mentions the use of environment variables to pass API keys into a local Docker sandbox. This is a standard configuration practice for local development and does not represent an exfiltration risk or hardcoded secret within the skill code.
Audit Metadata