pensieve-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The analyzed content consists entirely of educational code snippets and configuration patterns for Next.js and Vercel. There are no signs of malicious intent or unauthorized data access.
- [CREDENTIALS_UNSAFE] (SAFE): The GitHub API integration code correctly utilizes environment variables (
process.env.GITHUB_TOKEN) and includes authorization headers in a standard, secure manner. No hardcoded secrets or API keys are present. - [EXTERNAL_DOWNLOADS] (LOW): The skill mentions several standard Node.js packages such as
@ai-sdk/anthropic,ai,lucide-react, anddexie. These are well-known, reputable libraries within the development community. - [COMMAND_EXECUTION] (LOW): Section 5 and 6 provide shell commands for PWA icon generation and Vercel environment variable management. These are routine DevOps utilities and do not pose a security risk in this context.
Audit Metadata