skills/jeremylongshore/claude-code-plugins-plus-skills/customerio-prod-checklist/Gen Agent Trust Hub
customerio-prod-checklist
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices for deployment automation, such as verifying credentials in environment variables rather than hardcoding them.
- [COMMAND_EXECUTION]: The skill includes shell scripts for credential verification and smoke testing. These scripts perform transparent diagnostic tasks, such as checking for the presence of environment variables and verifying API responses.
- [EXTERNAL_DOWNLOADS]: The smoke test script uses
curlto communicate withhttps://track.customer.io. This is a well-known service domain that is directly related to the skill's purpose, and the interaction is restricted to standard API connectivity checks. - [DATA_EXFILTRATION]: While the skill utilizes the
CUSTOMERIO_API_KEYfor authentication during testing, it only transmits this sensitive information to the official Customer.io API endpoint. No suspicious network activity or transmission to unauthorized domains was found.
Audit Metadata