Pipe
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is documentation-centric, consisting of markdown files that define operational rules and references for GitHub Actions design without providing any executable scripts or binary files.
- [NO_CODE]: No executable code or scripts are included in this skill; it consists purely of configuration and reference documentation.
- [SAFE]: Instructions prioritize security hardening, explicitly mandating SHA-pinning for third-party actions, minimal permission scopes, and the use of OIDC over long-lived credentials.
- [SAFE]: No malicious patterns, prompt injections, or data exfiltration attempts were detected. The content is aligned with established DevSecOps principles.
Audit Metadata