Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/alchemy-ci-integration/Gen Agent Trust Hub

alchemy-ci-integration

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides GitHub Actions workflow templates that properly use GitHub Secrets (${{ secrets.ALCHEMY_API_KEY }}, ${{ secrets.DEPLOYER_PRIVATE_KEY }}) to handle sensitive credentials, ensuring they are not hardcoded in the codebase.
  • [SAFE]: A preventative security step is included in the CI workflow that uses grep to scan build artifacts for leaked API keys, which is an industry-standard safety practice.
  • [SAFE]: The provided Hardhat configuration uses environment variables (process.env.ALCHEMY_API_KEY) to dynamically load credentials, preventing exposure in configuration files.
  • [SAFE]: All requested tools (Read, Write, Edit, Bash, Grep) are necessary and proportional to the skill's purpose of managing project configuration files and running tests.
  • [SAFE]: No patterns of prompt injection, data exfiltration, or unauthorized remote code execution were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 09:29 PM