Skills
skills/laurigates/claude-plugins/finops-workflows/Gen Agent Trust Hub

finops-workflows

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard GitHub CLI commands (gh api, gh workflow, gh repo) and helper shell scripts to aggregate workflow statistics. These are the primary purpose of the skill and utilize restricted tool access.
  • [EXTERNAL_DOWNLOADS]: No external packages or remote code are downloaded. It relies on the pre-installed GitHub CLI (gh).
  • [DATA_EXFILTRATION]: No data is sent to external servers. All analysis results are printed to the standard output for the user.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. The skill uses the active shell's GitHub authentication context via the gh tool.
  • [DYNAMIC_CONTEXT_INJECTION]: A dynamic context call !git remote get-url origin is used in the SKILL.md file to determine the current repository. This is a benign use of the feature for context discovery.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:17 AM