Skills
skills/shiplightai/agent-skills/cloud/Gen Agent Trust Hub

cloud

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill manages API authentication by instructing the agent to store and retrieve a SHIPLIGHT_API_TOKEN from the project's local .env file, which is a standard development practice for secret management.
  • [DATA_EXFILTRATION]: The skill is designed to synchronize local test files, templates, and TypeScript functions with the Shiplight cloud at api.shiplight.ai. This involves reading local files and transmitting them to the vendor's infrastructure as part of its primary functional purpose.
  • [COMMAND_EXECUTION]: The skill utilizes curl commands to interact with the Shiplight REST API for tasks such as managing test runs, environments, and folders.
  • [SAFE]: All external communications are directed toward the vendor's official domains (shiplight.ai), and the handling of sensitive files like .env and browser session states is consistent with the intended purpose of a cloud-sync testing tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 06:04 PM