github-actions-templates
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Workflow templates reference official GitHub Actions from trusted organizations such as GitHub (
actions/), Docker (docker/), AWS (aws-actions/), Aqua Security (aquasecurity/), and Snyk (snyk/). These are used for standard CI/CD operations like code checkout, environment setup, and security scanning. - [DATA_EXFILTRATION]: The skill demonstrates secure secret management by using placeholder references to GitHub Secrets (e.g.,
${{ secrets.AWS_ACCESS_KEY_ID }},${{ secrets.SNYK_TOKEN }}) instead of hardcoding sensitive credentials. - [COMMAND_EXECUTION]: Provides standard CI/CD command patterns for tasks such as dependency installation (
npm ci), container management (docker), and Kubernetes orchestration (kubectl). These commands are appropriate for the skill's purpose of automating deployment pipelines.
Audit Metadata