setup-dev-environment
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- DATA_EXFILTRATION (HIGH): The skill accesses and loads sensitive configuration data from the .env file. According to security protocols, accessing files that typically store secrets is flagged as a high-risk exposure point.\n- EXTERNAL_DOWNLOADS (MEDIUM): The skill facilitates the installation of the golangci-lint tool via go install. As the golangci GitHub organization is not on the designated trusted list, this constitutes an unverifiable dependency installation.\n- COMMAND_EXECUTION (LOW): The skill directs the agent to execute several system commands (e.g., docker compose, task, lsof). While expected for environment setup, these operations represent a capability that should be restricted to the least privilege necessary.
Recommendations
- AI detected serious security threats
Audit Metadata