building-with-tbc
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured documentation and configuration schemas for the established To-Be-Continuous GitLab CI/CD framework. All external resources point to the official TBC repositories and trusted container registries including Docker Hub, GHCR, and Quay.io.
- [SAFE]: No hardcoded credentials or data exfiltration patterns were identified. Sensitive inputs such as API keys or tokens are defined as descriptors for variables to be securely configured within the user's GitLab CI/CD settings.
- [SAFE]: The included validation script performs local analysis of YAML configurations using safe parsing methods and does not execute arbitrary code or access restricted system resources.
- [SAFE]: The skill promotes secure deployment practices by providing dedicated variants for secret management through HashiCorp Vault and identity federation via OpenID Connect (OIDC).
Audit Metadata