github-workflows-ollama
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes a step to fetch the official Ollama installation script from ollama.com. This is a recognized service, and the operation is a standard part of the environment setup.\n- [COMMAND_EXECUTION]: The workflow templates demonstrate how to install the pgpm CLI tool using npm. This tool is part of the constructive-io vendor ecosystem and is used for its intended purpose of managing database extensions.\n- [REMOTE_CODE_EXECUTION]: The templates provide a command to pipe a remote script from a well-known service (ollama.com) directly to a shell for installation. This practice is documented as the standard setup procedure for this service in a Linux/CI environment.
Audit Metadata