doppler-workflows
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill implements standard DevOps procedures for secret management, emphasizing secure storage in Doppler and providing clear instructions to avoid plaintext credential exposure.
- [COMMAND_EXECUTION]: Utilizes Bash scripts and CLI tools like AWS CLI, Doppler, and UV to automate credential lifecycle tasks, all consistent with the skill's stated purpose.
- [EXTERNAL_DOWNLOADS]: References the official Doppler CLI installation via Homebrew, which is a recognized and trusted distribution channel for development tools.
- [DATA_EXFILTRATION]: Moves sensitive credentials between trusted services (AWS, PyPI, and Doppler) as part of a secure configuration workflow, which does not constitute unauthorized data transmission.
Audit Metadata