posthog-ci-integration
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (
gh) to set repository secrets and standard Node.js package manager commands (npm ci,npm test,npm publish). These are appropriate for the skill's stated purpose of CI/CD integration. - [EXTERNAL_DOWNLOADS]: The provided GitHub Action workflows reference official, well-known actions from the 'actions' organization (
actions/checkout@v4,actions/setup-node@v4). This is standard practice and does not involve untrusted remote code. - [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. The skill correctly guides the user to store sensitive API keys in GitHub Secrets rather than hardcoding them in the source code.
Audit Metadata