immich
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or unauthorized data exfiltration patterns were detected. The skill is focused on legitimate DevOps and server administration tasks.
- [EXTERNAL_DOWNLOADS]: The skill references downloading official configuration files from the well-known Immich GitHub repository (
github.com/immich-app/immich). These downloads are standard for the application's setup and are considered safe. - [COMMAND_EXECUTION]: The skill uses standard
docker composeandcurlcommands for server administration tasks such as checking logs, restarting services, and performing database backups. These commands are necessary for the skill's primary purpose. - [CREDENTIALS_UNSAFE]: While the skill mentions environment variables and API keys, it correctly uses placeholders like
your_generated_password_hereand<key>instead of hardcoding sensitive information.
Audit Metadata