skills/jeremylongshore/claude-code-plugins-plus-skills/coderabbit-multi-env-setup/Gen Agent Trust Hub
coderabbit-multi-env-setup
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_EXECUTION]: The skill uses a dynamic import pattern to load configuration files based on the environment. This is implemented securely by validating the environment name against a strict whitelist ('development', 'staging', 'production') before loading the file, which prevents potential path traversal or arbitrary code execution from untrusted environment variables.
- [COMMAND_EXECUTION]: The skill requests and demonstrates usage of cloud provider CLIs and HashiCorp Vault. This functionality is intended for secure secret retrieval as part of the primary purpose of setting up development environments.
- [DATA_EXPOSURE]: No hardcoded credentials or sensitive data were found. The skill uses placeholders for API keys and appropriately directs users toward secure secret management services for handling production credentials.
Audit Metadata