tracekit-java-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by explicitly instructing users never to hardcode API keys and instead use environment variables or externalized configurations.
- [EXTERNAL_DOWNLOADS]: The skill references dependencies from the 'dev.tracekit' group ID, which corresponds to the vendor's namespace. These are standard Java dependencies for Maven and Gradle build systems.
- [COMMAND_EXECUTION]: Instructions include standard shell commands for setting environment variables (e.g., 'export TRACEKIT_API_KEY') and project detection steps (checking for 'pom.xml' or 'build.gradle').
- [SAFE]: All external URLs point to 'app.tracekit.dev', which is the official domain of the service provider described in the skill.
Audit Metadata