frappe-testing-cicd

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides comprehensive guides and templates for setting up CI/CD workflows using industry-standard tools like GitHub Actions, Ruff, ESLint, and Semgrep.
  • [SAFE]: It includes security-enhancing Semgrep rules specifically designed to detect SQL injection (e.g., preventing the use of .format() or f-strings in database queries) and unsafe Python functions like eval() and exec().
  • [SAFE]: It explicitly warns against security and operational anti-patterns, such as using sudo pip install and committing directly to the main branch.
  • [SAFE]: All external references, including GitHub Actions (actions/checkout, actions/setup-python, etc.) and pre-commit hooks, point to well-known, trusted organizations or official repositories.
  • [SAFE]: Configuration snippets for sensitive areas like database root passwords use default placeholders (e.g., 'db_root') intended for ephemeral CI environments, following standard development practices.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 11:52 AM