deco-apps-architecture
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of documentation files describing a legitimate web framework architecture. No malicious instructions, obfuscation, or exfiltration patterns were found.
- [CREDENTIALS_UNSAFE]: The documentation describes the use of a 'Secret' type and dedicated loaders for API keys and tokens, promoting secure handling of credentials rather than hardcoding.
- [REMOTE_CODE_EXECUTION]: The skill mentions Deno tasks that fetch updates from 'https://deco.cx/run' and clone templates from the 'deco-cx' GitHub organization. These are documented as standard framework lifecycle operations from trusted vendor sources.
- [COMMAND_EXECUTION]: References to 'deno run -A' are provided in the context of development tasks for code generation and project scaffolding, which is standard for the Deno-based build system described.
Audit Metadata