tracekit-releases
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses official vendor-owned packages like
@tracekit/cliand@tracekit/nodewhich are consistent with the author's identity. - [SAFE]: Authentication is handled via the
TRACEKIT_AUTH_TOKENenvironment variable, avoiding hardcoded secrets in configurations. - [SAFE]: All external references point to the vendor's official domain
app.tracekit.dev. - [SAFE]: The GitHub Actions integration follows security best practices by utilizing repository secrets for sensitive tokens.
Audit Metadata