Skills
skills/terminalskills/skills/cicd-pipeline/Gen Agent Trust Hub

cicd-pipeline

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs read-only introspection of standard project files like package.json, pyproject.toml, and Makefile to detect the technology stack and test commands.
  • [EXTERNAL_DOWNLOADS]: The generated workflow templates utilize well-known and trusted GitHub Actions from official organizations (e.g., actions/*, docker/*) and reputable community maintainers (amondnet/*, softprops/*).
  • [COMMAND_EXECUTION]: The skill employs standard shell commands (ls, cat, grep) for environment detection, which are appropriate for its DevOps use case and lack malicious side effects.
  • [SAFE]: Generated templates correctly implement security best practices by utilizing GitHub Secrets for sensitive credentials and recommending version pinning for external actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 01:33 PM