start-local-dev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes local commands like
taskanddocker composeto manage development services. These are standard operations for the stated purpose of the skill and do not involve arbitrary or obfuscated command execution. - [CREDENTIALS_UNSAFE] (SAFE): References to environment variables (
POSTGRES_*) and.envfiles are instructional for troubleshooting and do not contain hardcoded secrets or sensitive data exposure. - [DATA_EXFILTRATION] (SAFE): The network activity described is limited to local service communication (
localhost:8080) and a legitimate external data source (tarkov.dev) for the importer service. - [REMOTE_CODE_EXECUTION] (SAFE): No patterns for downloading and executing remote scripts (e.g.,
curl | bash) were identified.
Audit Metadata