turborepo
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation and configuration examples. It does not include any executable scripts, binaries, or automated tasks.\n- [EXTERNAL_DOWNLOADS]: The guide describes the installation of the
turbopackage and initialization vianpx create-turbofrom official npm registries. These sources are managed by Vercel, a trusted organization, and represent standard development practices.\n- [COMMAND_EXECUTION]: Documentation includes instructions for using the Turborepo CLI for task orchestration (e.g.,turbo run build). These commands are standard for the tool's intended use in monorepo management.\n- [CREDENTIALS_UNSAFE]: The documentation references environment variables for remote caching (e.g.,TURBO_TOKEN). The examples correctly demonstrate using CI/CD secrets rather than hardcoded credentials, following security best practices.
Audit Metadata