swain-keys
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system commands through a local bash script, including
ssh-keygen,git,ssh, and the GitHub CLI (gh) to provision credentials. - [COMMAND_EXECUTION]: The skill modifies the user's SSH configuration files at
~/.ssh/configand within~/.ssh/config.d/to implement project-specific identity management. - [COMMAND_EXECUTION]: The script generates SSH keys with no passphrase to facilitate automated workflows, which is consistent with the intended purpose of the tool.
- [COMMAND_EXECUTION]: Local Git repository configuration is updated to enable commit and tag signing using the newly created keys.
Audit Metadata