github-actions
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as an educational resource and template library for GitHub Actions, providing well-structured examples for CI/CD across multiple languages.
- [SAFE]: All third-party actions and external dependencies referenced in the examples are from trusted organizations (e.g., GitHub, Docker, AWS, Azure, Google Cloud, Snyk) or highly reputable community sources.
- [SAFE]: The documentation includes a dedicated security guide that warns against critical risks like command injection from event data and provides secure patterns, such as using environment variables for sanitization.
- [SAFE]: The skill promotes secure secrets management by using standard GitHub secrets syntax and placeholders, rather than hardcoding sensitive credentials.
Audit Metadata