developer
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The file is purely informational, serving as a 'Developer Instructions' manual. It describes how a tool should be built and validated, including specific sections on security best practices like pinning actions to SHAs and using environment variables to prevent template injection. No malicious patterns or unintended execution paths were found.
- [EXTERNAL_DOWNLOADS]: The documentation mentions various external URLs such as 'api.github.com' and 'github.github.com' for the purpose of explaining API interactions and providing documentation links. These are well-known technology services used appropriately within the context of the technical documentation.
- [COMMAND_EXECUTION]: The document includes examples of CLI commands and shell scripts (e.g., 'gh aw compile', 'docker pull', 'npm test'). These are provided for developer guidance and do not represent instructions for the agent to perform unauthorized or dangerous operations.
Audit Metadata