dotenv-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADS
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and configuration templates. There are no executable scripts, shell commands, or logic components included in the skill files.
- [SAFE]: The content is exclusively focused on security awareness, such as preventing the commitment of secrets to version control and using startup validation to prevent runtime errors. No malicious patterns, obfuscation, or data exfiltration attempts were detected.
- [EXTERNAL_DOWNLOADS]: The documentation mentions the installation of developer tools such as 'evnx' and 'git-filter-repo' through standard package registries (npm, pip, cargo). These are utility tools for the user and are not executed by the skill itself. 'evnx' is identified as a vendor-owned resource by the author urwithajit9.
Audit Metadata