exa-multi-env-setup
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests permissions for cloud and secret management CLI tools (Bash(aws:), Bash(gcloud:), Bash(vault:*)). These permissions are necessary for its primary purpose of retrieving secrets across multiple environments.
- [SAFE]: The skill uses environment variables and placeholders (e.g., ${EXA_API_KEY}) instead of hardcoded credentials, preventing accidental exposure of sensitive data.
- [SAFE]: The dynamic loading logic for configuration files in TypeScript includes strict input validation to ensure only authorized environment configuration files are loaded.
Audit Metadata