Skills
skills/laurigates/claude-plugins/configure-reusable-workflows/Gen Agent Trust Hub

configure-reusable-workflows

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill generates GitHub Action workflow files that reference remote reusable workflows hosted at laurigates/.github. These workflows are pinned to the main branch, which is a mutable reference.
  • [DATA_EXFILTRATION]: The generated workflow templates use the secrets: inherit directive. This configuration passes all repository-level secrets to the vendor's reusable workflows. While this is the standard mechanism to provide the required CLAUDE_CODE_OAUTH_TOKEN to the workflow, it also exposes other repository secrets to the remote workflow environment.
  • [COMMAND_EXECUTION]: The skill uses dynamic context injection (e.g., !find . -maxdepth 1 ...) to detect the project environment and existing configurations at load time. These commands are limited to state detection and do not incorporate unvalidated user input.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:17 AM