contract-testing
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructs the user on how to use industry-standard tools and libraries, such as
@pact-foundation/pact, for contract testing without introducing any malicious code or patterns. - [SAFE]: External references and dependencies, such as GitHub Actions (
actions/checkout,actions/setup-node) and Docker images (postgres,pactfoundation/pact-broker), are sourced from trusted organizations and well-known services. - [SAFE]: The CI/CD pipeline examples follow best practices for secret management, utilizing environment variables and CI secrets (e.g.,
${{ secrets.PACT_BROKER_TOKEN }}) rather than hardcoding sensitive credentials. - [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or unauthorized command execution was found in the provided instructions.
Audit Metadata