capacitor-ci-cd
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains standard documentation and configuration templates for automating application builds and deployments.
- [CREDENTIALS_UNSAFE]: The templates correctly implement secure secrets management by utilizing environment variables and CI/CD platform secrets (e.g., GitHub Secrets) for sensitive data like API tokens, certificates, and passwords. No hardcoded credentials or private keys were found.
- [EXTERNAL_DOWNLOADS]: The workflows reference standard and well-known GitHub Actions (e.g.,
actions/checkout,ruby/setup-ruby,actions/setup-java) and install packages from official registries (NPM, RubyGems). These downloads are necessary for the primary function of building and deploying software. - [COMMAND_EXECUTION]: The provided scripts execute standard build tools (e.g.,
xcodebuild,gradlew,pod install,fastlane) required for mobile app development. All commands are intended for use within a user-controlled CI environment.
Audit Metadata