falco
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate utility for VCL developers, including linting, testing, and formatting. The instructions are clear, purpose-built, and do not contain any attempt to override agent safety guidelines or perform unauthorized actions.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the 'falco' tool via Homebrew (
brew install falco), Go (go install github.com/ysugimoto/falco/cmd/falco@latest), or by cloning its official GitHub repository. These are standard installation methods for developer tools. - [CREDENTIALS_UNSAFE]: The documentation mentions the use of
FASTLY_API_KEYandFASTLY_SERVICE_IDfor fetching remote VCL snippets. This is a documented feature of the Falco tool and is used locally by the user. There is no evidence of these credentials being hardcoded or exfiltrated to unauthorized third parties.
Audit Metadata