system-environment-setup
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses 'npm install' within the Makefile and Dev Container configuration to download project dependencies from the official NPM registry, a well-known service.- [COMMAND_EXECUTION]: The instructions and Makefile provide commands for managing Docker containers ('docker-compose up', 'down'), running development servers ('npm run dev'), and managing database migrations. These are standard development operations.- [CREDENTIALS_UNSAFE]: The '.env.example' and 'docker-compose.yml' files contain placeholder credentials (such as 'sk_test_xxx' for Stripe and 'AKIAXXXXXXX' for AWS) and default passwords (e.g., 'password' for a local PostgreSQL instance). These are intended as templates for local development and are accompanied by explicit instructions in the 'Constraints' section not to commit actual secrets to version control.
Audit Metadata