capacitor-ci-cd
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is a technical documentation resource for CI/CD automation. It incorporates official GitHub Actions from trusted organizations such as 'actions' (GitHub), 'ruby', and 'android-actions'.
- [COMMAND_EXECUTION]: Includes standard commands for mobile application builds, such as xcodebuild for iOS and Gradle for Android. These commands are necessary for the primary purpose of the skill and do not exhibit malicious patterns.
- [EXTERNAL_DOWNLOADS]: References the installation of common development utilities like Fastlane via RubyGems and @capgo/cli via npm. These tools are standard for Capacitor workflows and are sourced from established registries.
- [DATA_EXFILTRATION]: Demonstrates secure handling of sensitive credentials by using CI/CD environment secrets (e.g., GITHUB_TOKEN, CAPGO_TOKEN, and certificates) instead of hardcoding sensitive data. Data transmission is limited to the intended deployment targets (App Store, Google Play, and Capgo).
Audit Metadata