commet
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified during the analysis. The skill facilitates standard billing operations through official vendor SDKs.
- [CREDENTIALS_UNSAFE]: The skill correctly manages sensitive data by utilizing environment variables for the
COMMET_API_KEYandCOMMET_WEBHOOK_SECRETinstead of hardcoding values. - [COMMAND_EXECUTION]: Instructions describe the use of the official
@commet/clifor authentication and project management tasks such ascommet loginandcommet pull. - [EXTERNAL_DOWNLOADS]: Dependencies and remote references are limited to official Commet packages on NPM and the vendor's own infrastructure (e.g.,
commet.co), which are legitimate for this integration.
Audit Metadata