secrets-management
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive instructional content for implementing secrets management using well-known services like HashiCorp Vault, AWS Secrets Manager, and Azure Key Vault.
- [SAFE]: All code snippets use generic placeholders for credentials (e.g., 'admin', 'password', 'super-secret-password') and explicitly advise against hardcoding sensitive information in source control.
- [SAFE]: External dependencies, such as GitHub Actions and container images, are sourced from well-known organizations and security vendors (e.g., HashiCorp, AWS, Truffle Security).
- [SAFE]: The skill promotes security best practices, including secret rotation, audit logging, least-privilege access, and the use of automated secret scanning tools.
Audit Metadata