build-ci-cd-pipeline
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several official and trusted GitHub Actions from organizations including GitHub (actions/checkout, actions/setup-node, actions/cache, actions/upload-artifact, actions/download-artifact), AWS (aws-actions/configure-aws-credentials), and Slack (slackapi/slack-github-action).
- [EXTERNAL_DOWNLOADS]: Integrates with well-known security and observability services by utilizing official actions from Aqua Security (Trivy), TruffleSecurity (Trufflehog), and Codecov.
- [COMMAND_EXECUTION]: Utilizes standard shell commands (Bash) for routine development tasks such as installing project dependencies (npm ci), running linters, and executing tests.
- [COMMAND_EXECUTION]: Employs curl to send deployment event data to Datadog's official monitoring API, using secure secret references for authentication.
- [SAFE]: Implements secure handling of credentials using the GitHub Secrets context, ensuring that sensitive information like AWS roles, Slack webhooks, and API keys are never hardcoded.
Audit Metadata