authoritative-server
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install official Decentraland SDK packages from the @dcl scope, specifically using the auth-server tags. These are legitimate vendor resources required for the functionality described.
- [COMMAND_EXECUTION]: Provides instructions for using standard Decentraland CLI tools (npx sdk-commands) for deploying environment variables and running previews. These commands are part of the intended developer workflow.
- [PROMPT_INJECTION]: A note in the documentation advises the agent not to instruct the user to run internal background processes manually. This is intended to prevent user confusion regarding the preview tool's internal operations rather than to conceal malicious behavior.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by instructing users to use .env files for sensitive configuration and ensuring they are added to .gitignore to prevent accidental exposure.
Audit Metadata