tam-builder
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure configuration management practices by using environment variables (.env) for sensitive credentials such as Apollo and Supabase keys, avoiding hardcoded secrets.
- [SAFE]: The database interaction logic includes a pre-flight schema validation to ensure the live Supabase environment matches the expected structure, which prevents silent data loss or write failures.
- [SAFE]: The skill implements a robust "Database Write Policy" that mandates a review-then-approve workflow, which keeps the user in full control of data modification and prevents accidental database pollution.
- [SAFE]: External API calls to Apollo and SixtyFour are performed using standard clients and target legitimate business services consistent with the skill's primary purpose.
- [SAFE]: The skill identifies and uses local utility scripts from related directories using standard Python path manipulation, showing no signs of remote code execution or unauthorized external dependency loading.
Audit Metadata