gitops-repo-audit
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured auditing workflow using local bash scripts (discover.sh, validate.sh, check-deprecated.sh) and well-known DevOps tools such as flux, kustomize, kubeconform, and yq. All operations are performed on the local file system within the scope of the repository provided by the user.
- [SAFE]: The 'Security Review' phase (Phase 5) is designed to help users identify potential risks in their own configurations, such as plain-text secrets or insecure source references. This is the primary purpose of the skill and does not involve exfiltrating detected data to external entities.
- [SAFE]: External URL references are limited to official documentation for Flux CD (fluxcd.io) and the Flux Operator (fluxoperator.dev), which are consistent with the vendor context and provide legitimate migration and installation guidance.
- [SAFE]: No evidence of prompt injection, obfuscation, privilege escalation, or persistence mechanisms was found. The instructions are transparent and align with the stated purpose of manifest validation and security auditing.
Audit Metadata