openwork-orchestrator-npm-publish
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or security vulnerabilities were identified during the analysis of the skill instructions and scripts.
- [COMMAND_EXECUTION]: The skill uses standard package management tools like
pnpmandnpm, and the GitHub CLI (gh), to automate building, tagging, and publishing releases. These operations are consistent with the skill's stated purpose. - [CREDENTIALS_UNSAFE]: The skill mentions the use of an
NPM_TOKENbut correctly follows security best practices by advising users to store it in a.envfile rather than hardcoding it in scripts.
Audit Metadata