sst-infra
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Infrastructure Best Practices] (SAFE): The configuration includes production protection and data retention policies for the production stage, preventing accidental deletion of critical resources.
- [Credential Management] (SAFE): The skill utilizes built-in secret management for sensitive information and leverages GitHub Actions OIDC (role-to-assume) rather than hardcoding long-lived AWS Access Keys.
- [Dependency Management] (LOW): The skill uses npx sst, which fetches the SST CLI at runtime. This is standard practice, but pinning the version is recommended for deterministic deployments.
- [Dynamic Loading] (LOW): The main configuration uses dynamic imports for stack definitions. These use static relative paths to local files and do not incorporate untrusted input.