daemon-setup
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill manages GitHub Personal Access Tokens and Pushover API keys. It adheres to security best practices by requesting these through interactive user prompts and storing them in the encrypted macOS Keychain using the
securitycommand, avoiding plain-text storage in configuration files or environment variables. - [COMMAND_EXECUTION]: The skill uses shell scripts to generate service configuration files and manage daemon persistence via
launchctl. These operations are performed within the user's home directory and are essential for the skill's stated purpose of installing a background service. - [EXTERNAL_DOWNLOADS]: The skill initiates network connections to GitHub and Pushover APIs for the sole purpose of validating user credentials and testing notification settings. It also facilitates the installation of required software dependencies through the Homebrew package manager. All external interactions target well-known and reputable services.
Audit Metadata