depot-github-runners
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill primarily serves as a reference for configuring GitHub Actions workflow files with specific runner labels (e.g., depot-ubuntu-24.04).
- [NO_CODE]: No executable scripts, binaries, or code files are included in the skill package; it consists entirely of markdown documentation and interface configuration.
- [SAFE]: No prompt injection or instructions to bypass safety guidelines were found in the markdown content.
- [SAFE]: External references to status pages (status.depot.dev) and well-known GitHub Actions (mxschmitt/action-tmate) are used appropriately for troubleshooting and debugging purposes.
- [SAFE]: References to credentials, such as DEPOT_TOKEN, are provided as guidance for user-managed secrets and do not contain hardcoded sensitive information.
Audit Metadata