chromatic-monorepo-config
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill's instructions or reference materials. The skill's primary function is to provide architectural and configuration recommendations for Chromatic monorepo setups.
- [CREDENTIALS_UNSAFE]: The skill promotes secure handling of sensitive data by recommending that users store project tokens in GitHub Action secrets (e.g.,
${{ secrets.CHROMATIC_PROJECT_TOKEN }}) rather than hardcoding them. - [EXTERNAL_DOWNLOADS]: The skill references official resources from the vendor (e.g.,
chromaui/action). These are expected for the skill's functionality and do not introduce external risks. - [PROMPT_INJECTION]: No prompt injection or behavior override patterns were detected. The instructions are focused on technical auditing and follow structured rubrics.
Audit Metadata