Skills
skills/dimdasci/vps-setup/windmill-workflows/Gen Agent Trust Hub

windmill-workflows

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill configuration downloads 'pdfcpu' from its official GitHub repository, which is a trusted source for this tool.
  • [COMMAND_EXECUTION]: The provided scripts utilize Bun's shell command to run CLI tools like 'pdftotext' and 'vips'. These serve as functional templates; users should implement input validation for production use. The worker configuration also mounts the host Docker socket to enable job container management.
  • [CREDENTIALS_UNSAFE]: Documentation mentions default login credentials and example connection strings for initial configuration purposes.
  • [DATA_EXFILTRATION]: The worker service mounts the host Docker socket ('/var/run/docker.sock'), which is necessary for Windmill's operation but grants the container access to the host's Docker daemon.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:43 PM