setup-github-actions-ci
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or security vulnerabilities were detected in the skill instructions or the generated workflow configurations.
- [EXTERNAL_DOWNLOADS]: The skill generates GitHub Actions workflows that reference official and well-known repositories, including
actions/checkout,r-lib/actions,codecov/codecov-action, andJamesIves/github-pages-deploy-action. These are standard, reputable sources for automation in the R ecosystem. - [COMMAND_EXECUTION]: The skill utilizes bash and Rscript commands to create directories and execute package checks or documentation builds within the CI/CD environment. These operations are restricted to the intended purpose of the skill.
- [CREDENTIALS_UNSAFE]: The generated workflows correctly use GitHub Secrets (
GITHUB_TOKEN,CODECOV_TOKEN) to handle sensitive tokens, avoiding hardcoded credentials.
Audit Metadata