devops-deployer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of educational templates and configuration examples for DevOps workflows. No malicious intent or suspicious commands were identified.
- [CREDENTIALS_UNSAFE]: The skill correctly uses placeholders (e.g.,
${{ secrets.GITHUB_TOKEN }}) and example values for database URLs rather than hardcoding sensitive credentials. - [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted tools and actions, such as Aquasecurity's Trivy for vulnerability scanning and HashiCorp's Vault for secrets management. These are documented neutrally as standard industry practices.
- [PROMPT_INJECTION]: No attempts to override system instructions or bypass safety filters were found in the metadata or the body of the skill.
- [COMMAND_EXECUTION]: Command examples provided (such as
npm ci,docker build, andkubectlmanifests) are standard for the described DevOps functionality and do not contain hidden malicious payloads.
Audit Metadata