chroma
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill lists standard, legitimate dependencies including
chromadbandsentence-transformersfor Python, and@chroma-core/default-embedfor Node.js. These are official packages used for vector database management and embedding generation. - [COMMAND_EXECUTION]: Documentation includes standard CLI instructions for running a local Chroma server (
chroma run). This is expected functionality for developers using self-hosted vector databases. - [SAFE]: The code samples utilize best practices by using placeholders (e.g., 'your-key') for API credentials rather than hardcoding actual secrets.
- [SAFE]: All external links point to official Chroma documentation, the official GitHub repository (chroma-core/chroma), and verified community Discord channels.
Audit Metadata