Skills
skills/constructive-io/constructive-skills/environment-configuration/Gen Agent Trust Hub

environment-configuration

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill acts as a documentation resource for the @pgpmjs/env package. Analysis of the 10 threat categories confirms the absence of malicious intent or unsafe operations.
  • [EXTERNAL_DOWNLOADS]: The skill mentions the installation of the @pgpmjs/env package via pnpm. This package is a vendor-owned resource associated with the author 'constructive-io'.
  • [COMMAND_EXECUTION]: Documentation provides examples of standard development commands, such as pnpm add and eval "$(pgpm env)". These are intended for local environment setup by the developer.
  • [DATA_EXPOSURE]: While the skill lists environment variables for sensitive data like PGPASSWORD and AWS_SECRET_ACCESS_KEY, it does so for configuration purposes. No evidence of hardcoded credentials or data exfiltration was found; example JSON blocks use generic placeholders.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 05:14 AM