codspeed-setup-harness
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill's instructions are consistent with its stated purpose of setting up performance benchmarking harnesses.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing official benchmarking plugins and compatibility libraries such as
pytest-codspeed,@codspeed/vitest-plugin, andcodspeed-*-compatfor Rust. These resources are provided by the vendor (CodSpeedHQ) or established ecosystems. - [COMMAND_EXECUTION]: It guides the user to execute standard development commands (e.g.,
npm install,pip install,cargo add,go test) and the vendor's own CLI tool (codspeed). These operations are necessary for the skill's functionality and are performed on the user's local project environment. - [CREDENTIALS_UNSAFE]: While the skill mentions
codspeed auth login, this is a standard authentication procedure for the service and does not involve hardcoded secrets or unsafe credential handling within the skill itself.
Audit Metadata