ideogram-ci-integration
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configures GitHub Actions that utilize official and trusted actions from the 'actions' organization, specifically 'actions/checkout' and 'actions/setup-node'. These are well-known, official services provided by GitHub.
- [CREDENTIALS_UNSAFE]: The documentation includes a placeholder string 'sk_test_***' as an example for an Ideogram API key. This is a redacted placeholder intended for demonstration purposes and does not represent a hardcoded secret.
- [COMMAND_EXECUTION]: The skill uses the 'gh' (GitHub CLI) tool to manage repository secrets. This access is explicitly scoped and restricted in the YAML frontmatter to 'gh:*' commands, following the principle of least privilege.
Audit Metadata