harness-dev
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities detected. The skill provides a structured and safe environment for development automation.
- [COMMAND_EXECUTION]: The skill performs shell commands for development tasks like building, testing, linting, and formatting. These are appropriate for the skill's stated purpose and are governed by strict instructions requiring user confirmation for high-risk, destructive, or external operations.
- [DATA_EXFILTRATION]: Access to external systems via tools like curl or wget is explicitly prohibited without prior user authorization, mitigating the risk of silent data exfiltration.
- [CREDENTIALS_UNSAFE]: The skill includes defensive instructions that prevent the modification or access of keys, tokens, and secrets without explicit user permission.
Audit Metadata