rushstack-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- Verified Official Resources: The skill contains numerous references to official documentation and repositories, such as
rushstack.ioandgithub.com/microsoft/rushstack. These links point to trusted domains associated with the tool's maintainers. - Purely Instructional Content: The skill's primary function is to provide the agent with knowledge about Rush commands and configurations. It does not include executable scripts, automation for environment modification, or requests for sensitive information.
- Standard Tooling Guidance: The recommended commands (
rush build,rush update,rushx) are standard operations for the Rush build orchestrator. The guidance encourages the use of these built-in tools over direct package manager calls, which is a recommended practice for monorepo consistency. - No Data Risks Detected: The analysis found no patterns indicative of data exfiltration, hardcoded credentials, or unauthorized file system access. All discussed configurations (like
rush.jsonandcommon-versions.json) are standard project files used for monorepo management.
Audit Metadata