project-tooling
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes instructions to install CLI tools from well-known services, including the GitHub CLI, Vercel CLI, and Supabase CLI. These installations use standard, official package management sources.
- [COMMAND_EXECUTION]: It provides a bash verification script and numerous CLI commands for project setup, repository management, and deployment automation. These operations are routine development tasks and utilize standard tooling.
- [DATA_EXFILTRATION]: The skill documents how to interact with the Render API using
curlfor deployment operations. These network requests are directed at the official service provider's endpoints for the intended technical functionality. - [CREDENTIALS_UNSAFE]: The skill actively promotes secure credential management by flagging hardcoded secrets as an anti-pattern and providing clear instructions for using environment variables and GitHub Secrets to handle API keys and tokens.
Audit Metadata