devops
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive templates for industry-standard tools including Terraform, Docker, Kubernetes, and GitHub Actions. All provided examples follow security best practices, such as using placeholders for sensitive credentials and emphasizing the principle of least privilege.
- [COMMAND_EXECUTION]: Several agents provide command-line examples (e.g.,
kubectl,helm,terraform,git). These are standard DevOps operations necessary for the skill's primary purpose. A versioning script inagents/cicd/artifacts.mdusesexecSyncto retrieve git logs, which is a common pattern for automated release management and does not pose an arbitrary execution risk in this context. - [EXTERNAL_DOWNLOADS]: The documentation references official installation methods for well-known tools like
kubesealvia Homebrew and various Helm charts from established repositories (e.g., Bitnami, Grafana). These references target official and trusted sources for DevOps tooling. - [CREDENTIALS_UNSAFE]: The skill contains examples of Kubernetes Secrets using Base64 encoding. Analysis of these strings confirms they contain generic placeholder credentials (e.g.,
postgres://user:pass@host:5432/db) used for educational purposes rather than actual hardcoded secrets.
Audit Metadata