clay-multi-env-setup
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill requests access to powerful CLI tools (AWS, GCP, Vault). This access is necessary and justified for the skill's stated purpose of environment configuration and secret management.
- [CREDENTIALS_UNSAFE] (SAFE): Analysis confirms that no secrets are hardcoded. API keys are appropriately represented as environment variable placeholders (e.g.,
${CLAY_API_KEY_PROD}). - [DYNAMIC_EXECUTION] (SAFE): The TypeScript example uses a dynamic
require()to load config files based on the environment. This is safely implemented with a strict whitelist (validEnvs) that prevents path traversal or arbitrary file inclusion. - [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes environment variables and local JSON files. It includes a sanitization step for the
NODE_ENVvariable to ensure only expected configuration files are loaded.
Audit Metadata