system-environment-setup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns detected. The skill acts as a documentation and template provider for standard development workflows.
- Data Exposure (SAFE): Although the skill includes examples of environment variables (e.g., AWS_ACCESS_KEY_ID, STRIPE_SECRET_KEY), they use clear placeholders (e.g., 'xxx', 'XXXXXXX') which do not constitute a credential leak. The skill includes a 'MUST NOT' constraint against committing secrets.
- Command Execution (SAFE): The skill mentions commands like
npm installanddocker-compose up. These are standard tools for the described use case (environment setup) and are not used to execute remote or obfuscated scripts.
Audit Metadata