Skills
skills/mizchi/chezmoi-dotfiles/gleam-practice/Gen Agent Trust Hub

gleam-practice

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a best-practice repository for Gleam developers, providing templates and architectural guidance for building web services on the Erlang target.
  • [CREDENTIALS_UNSAFE]: A hardcoded secret key placeholder is provided in SKILL.md for local development. The instructions correctly demonstrate fetching production secrets from environment variables using the envoy library.
  • [EXTERNAL_DOWNLOADS]: The GitHub Actions template in assets/github-actions/ci.yml uses the official erlef/setup-beam action to install the Gleam and Erlang toolchains. This is standard practice for the ecosystem.
  • [REMOTE_CODE_EXECUTION]: The CI/CD template contains a commented-out instruction for installing the Rust toolchain from its official source (sh.rustup.rs). As this is a well-known official service and the code is provided as a template comment, it does not pose a risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 04:47 PM