chezmoi-workflows
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the chezmoi installation script from the tool's official domain (get.chezmoi.io) and uses Homebrew for package management.
- [REMOTE_CODE_EXECUTION]: It suggests the official installation method for Linux, which involves piping a remote script to the shell (curl | sh).
- [COMMAND_EXECUTION]: The skill utilizes bash scripts for environment setup, file movements, and multi-step git operations to manage and sync configuration files.
- [SAFE]: The skill incorporates proactive security measures, including a dedicated reference for secret detection and recommendations for using private repositories and password manager integrations.
Audit Metadata