ci-cd-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The provided templates for Docker Compose and GitHub Actions workflows include default passwords ('test' and 'postgres'). These are explicitly scoped to local development or ephemeral test environments (e.g., localhost services) and serve as functional placeholders for CI demonstrations.
- [EXTERNAL_DOWNLOADS]: The CI workflows and Dockerfiles fetch resources from well-known and trusted providers. This includes official GitHub Actions (actions/checkout, actions/setup-node) and verified Docker Hub images (node:alpine, postgres:alpine, redis:alpine).
- [COMMAND_EXECUTION]: The skill provides scripts and configurations that leverage standard command-line interfaces for DevOps tasks, including Git, NPM, Docker, AWS CLI, and Kubernetes (kubectl). These operations are consistent with the skill's primary function of CI/CD orchestration.
Audit Metadata