chroma
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists exclusively of Markdown documentation files (SKILL.md and references/integration.md) and does not include any executable scripts, binaries, or configuration files.
- [SAFE]: Installation instructions refer to well-known libraries in official package registries such as PyPI and NPM.
- [SAFE]: Code examples use placeholders (e.g., 'your-key') for sensitive information like API keys, following security best practices.
- [SAFE]: External links point to official project documentation on trychroma.com, the official GitHub repository for chroma-core, and legitimate community platforms like Discord.
- [SAFE]: All filesystem operations described in the documentation pertain to the database's persistence directory (e.g., './chroma_db'), which is standard functionality for the tool.
Audit Metadata