deployment-pipeline-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown documentation and YAML/Bash templates meant for reference. No active execution logic is present within the skill's distribution.
- [COMMAND_EXECUTION] (LOW): The documentation contains examples of shell commands (
kubectl,curl,make). These are provided as static examples for the user to implement in their own environments and are not executed by the agent automatically. - [EXTERNAL_DOWNLOADS] (SAFE): While the documentation mentions external tools like
trivyandargoproj.io, it does not perform any downloads or installations during runtime. - [DATA_EXFILTRATION] (SAFE): Examples use placeholder URLs (e.g.,
app.example.com) and generic GitHub Actions secrets syntax (${{ secrets.SLACK_WEBHOOK }}). No actual sensitive data or credentials are included.
Audit Metadata