jenkinsfile-validator

Warn

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill package includes multiple example files containing hardcoded sensitive information. These are explicitly labeled as "bad" examples for testing the validator's detection logic, but they consist of real-world credential patterns including:
      • Hardcoded passwords and API keys in examples/shared-library/vars/BadStep.groovy.
      • Docker login credentials, AWS Access Key IDs, and Bearer tokens in examples/bad-declarative-pipeline.Jenkinsfile.
      • Git passwords, GitHub tokens, database credentials, and a full RSA private key block in examples/bad-scripted-pipeline.Jenkinsfile.
  • [COMMAND_EXECUTION]: The skill's primary functionality is implemented through a series of bash scripts (scripts/validate_jenkinsfile.sh, scripts/validate_declarative.sh, etc.) that execute locally to analyze Jenkinsfile content. The main orchestrator script is designed to run child scripts via the bash command to ensure execution even if permissions are not set.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 28, 2026, 06:18 PM