DORA Metrics and DevOps Performance
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references the official Four Keys repository from the dora-team organization on GitHub for advanced metrics implementation.
- [COMMAND_EXECUTION]: The skill provides standard GitHub Action workflow examples and shell scripts to automate the collection of deployment and incident data.
- [DATA_EXFILTRATION]: Scripts use GitHub API tokens to access repository metadata such as pull request timestamps and workflow run statuses. This is required for the intended purpose of calculating performance metrics and follows best practices for secure API usage.
Audit Metadata