bruhs
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages the end-to-end development lifecycle using established tools like git, gh, pnpm, and npx, which are standard for the intended user base.
- [SAFE]: Interaction with sensitive local configuration files (~/.claude.json) is strictly limited to discovering and configuring authorized MCP servers (specifically Linear) to enhance the user's workflow.
- [SAFE]: All remote operations, such as creating Linear tickets or GitHub Pull Requests, are performed through user-configured tools and well-known services (Linear, GitHub).
- [SAFE]: Scaffolding commands use official framework CLIs (e.g., pnpm create next-app) and reputable automation services (e.g., Blacksmith for GitHub Actions).
- [SAFE]: The 'slop' command provides valuable security-conscious static analysis, searching for common vulnerabilities like hardcoded secrets and injection patterns within the local codebase.
Audit Metadata