NYC

auth-web-cloudbase

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOWEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The documentation references a remote JavaScript SDK hosted on a CDN (https://static.cloudbase.net/cloudbase-js-sdk/latest/cloudbase.full.js). The domain cloudbase.net is not in the predefined list of trusted organizations.
  • [CREDENTIALS_UNSAFE] (INFO): The example code snippets contain hardcoded dummy credentials (e.g., password: 'pass123'). While intended for demonstration, these should be replaced with environment variables in practice.
  • [REMOTE_CODE_EXECUTION] (INFO): Instructions suggest the agent should invoke a tool named auth-tool-cloudbase for configuration, creating a dependency on an external component whose security profile is unknown.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 15, 2026, 08:54 PM