cicd-generation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or persistence mechanisms were detected. The skill follows defensive best practices.\n- [EXTERNAL_DOWNLOADS]: The skill templates reference official GitHub Actions from trusted organizations (GitHub and AWS). These are standard for CI/CD and are handled neutrally as they are part of the intended functionality.\n- [PROMPT_INJECTION]: The skill addresses indirect prompt injection risks by defining strict validation for external inputs. Ingestion points: Repository analysis in Step 1. Boundary markers: Explicit sanitization rules for filenames and action references. Capability inventory: Generation of YAML workflow files. Sanitization: Rejection of shell metacharacters, null bytes, and path traversal sequences.\n- [CREDENTIALS_UNSAFE]: The skill includes explicit guidelines to avoid hardcoding secrets, recommending OIDC for secure cloud authentication and minimal permission sets for workflow jobs.
Audit Metadata