obsidian-ci-integration
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides configuration templates for GitHub Actions workflows and a helper script for versioning. All actions and commands are standard for the stated purpose of automating builds and releases.
- [EXTERNAL_DOWNLOADS]: The workflows reference official GitHub Actions (
actions/checkout,actions/setup-node,actions/upload-artifact) and well-known community actions (softprops/action-gh-release,codecov/codecov-action). These are established, widely-used tools in the developer ecosystem. - [COMMAND_EXECUTION]: The skill uses standard npm commands (
npm ci,npm run build,npm test) and shell utilities (jq,grep,zip) for manifest validation and artifact preparation. All execution is scoped to the build and release process within a CI/CD environment. - [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration. Network operations are limited to standard CI/CD tasks like fetching dependencies via npm and uploading coverage reports to Codecov.
- [PROMPT_INJECTION]: The instructions do not contain patterns designed to bypass agent safety filters or override system instructions.
Audit Metadata