workflow-automation

Warn

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides templates containing high-risk command-line operations.
      • The package.json and Makefile include rm -rf commands for recursively deleting build artifacts and the node_modules directory.
      • scripts/dev-setup.sh manages local environment services using docker-compose up -d.
  • [REMOTE_CODE_EXECUTION]: The automation scripts facilitate the execution of code on remote servers.
      • scripts/deploy.sh utilizes ssh to execute a sequence of commands (git pull, npm install, npm run build, pm2 restart) on production and staging hosts.
  • [EXTERNAL_DOWNLOADS]: The skill automates the retrieval of external software and configuration.
      • Multiple components (dev-setup.sh, Makefile, package.json) use npm install and npm ci to download packages from the npm registry.
      • The GitHub Actions workflow (ci.yml) fetches official actions for repository checkout and environment setup from GitHub.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 7, 2026, 06:43 AM