devops-cicd
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains architectural documentation and code examples that do not execute malicious logic.
- [SAFE]: GitHub Actions examples follow security best practices by using secrets placeholders (e.g., ${{ secrets.DOCKER_PASSWORD }}) instead of hardcoded credentials.
- [SAFE]: The Dockerfile implementation adheres to the principle of least privilege by creating a non-root 'appuser' and ensuring the container does not run as root.
- [SAFE]: The external dependencies and GitHub Actions referenced (e.g., Snyk, TruffleHog, Docker, HashiCorp) come from trusted or well-known technology organizations.
- [SAFE]: The skill encourages the inclusion of security stages (SAST, secret detection, dependency scanning) in automated pipelines.
Audit Metadata