release-automation-builder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): Recommends the installation and use of well-known community tools such as @changesets/cli and semantic-release via npm.
- [CREDENTIALS_UNSAFE] (SAFE): Templates correctly utilize GitHub Secrets for sensitive authentication tokens (NPM_TOKEN, GITHUB_TOKEN, DOCKER_PASSWORD) rather than hardcoding values.
- [COMMAND_EXECUTION] (LOW): The provided templates include standard shell commands for building and publishing packages (npm ci, npm publish, npx semantic-release), which are restricted to the user's CI/CD environment.
- [DATA_EXFILTRATION] (SAFE): No patterns of unauthorized data access or external exfiltration to non-whitelisted domains were detected.
Audit Metadata