Skills
skills/ehtbanton/claudeskillsrepo/github-actions-workflow/Gen Agent Trust Hub

github-actions-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides templates for generating GitHub Actions workflows.
  • All templates use versioned actions from reputable sources (e.g., @v4, @v5).
  • The skill does not perform any operations beyond generating text files.
  • [EXTERNAL_DOWNLOADS]: The generated workflows reference external actions and package managers.
  • References official GitHub and Docker actions which are trusted sources.
  • Includes community-maintained actions such as pnpm/action-setup and codecov/codecov-action which are industry standard.
  • [CREDENTIALS_UNSAFE]: The skill correctly handles sensitive data via placeholders and secrets.
  • Workflows demonstrate the use of GitHub Secrets for tokens and keys.
  • Non-sensitive test credentials (e.g., test-jwt-secret-for-ci) are used appropriately for CI environments.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:29 AM