auto-develop
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes instructions to execute various standard NPM scripts and a local shell script (
./scripts/quality_check.sh) to support the development, testing, and quality assurance workflow. - [CREDENTIALS_UNSAFE]: The documentation mentions an API key (
ALIYUN_BAILIAN_API_KEY) and test user credentials (users.json), but follows security best practices by advising the use of native platform secret management tools and restricting credentials to isolated test environments. - [SAFE]: The technical specifications and system architecture align with the provided vendor context (alibaba) and utilize established, well-known services (Supabase, Aliyun Cloud).
- [SAFE]: No evidence of prompt injection, obfuscation, or unauthorized data exfiltration was found across the analyzed instructions and referenced documentation.
Audit Metadata