gradle-performance-optimization
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected. The skill provides standard Gradle configuration settings and commands intended for performance optimization.
- [EXTERNAL_DOWNLOADS]: References well-known and trusted services such as Gradle Build Scans (scans.gradle.com) and official GitHub Actions (gradle/actions/setup-gradle). These references are documented neutrally as they target trusted organizations and well-known services.
- [COMMAND_EXECUTION]: Instructs the use of the Gradle Wrapper (./gradlew) for building, profiling, and managing daemons. This is the intended and standard method for interacting with Gradle projects and does not involve unauthorized privilege escalation or persistence.
- [CREDENTIALS_UNSAFE]: The skill correctly demonstrates the use of environment variables (e.g., System.getenv("CACHE_PASSWORD")) and CI secrets (${{ secrets.GRADLE_ENCRYPTION_KEY }}) for handling sensitive credentials, avoiding hardcoded secrets.
Audit Metadata