didit-proof-of-address
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates with official vendor domains
verification.didit.meandapx.didit.me. These are legitimate endpoints belonging to the skill author (didit-protocol) used for document verification and programmatic account management. - [SAFE]: Authentication is handled correctly via the
DIDIT_API_KEYenvironment variable, which is passed in thex-api-keyheader of HTTPS requests. No hardcoded credentials or secrets were found in the scripts or documentation. - [SAFE]: The Python script
scripts/verify_address.pyperforms standard file handling and network operations. It opens a local file specified by the user and uploads it to the vendor's API via a secure POST request. No suspicious command execution or obfuscation was detected.
Audit Metadata