witdev-project-setup
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a standard development workflow involving shell scripts (dev.sh, build.sh) and a Node.js utility (db-prepare.js) that executes Prisma CLI commands via subprocesses. These are typical operations for project scaffolding, migration, and local lifecycle management.\n- [EXTERNAL_DOWNLOADS]: The skill utilizes trusted package managers (npx, pnpm) and Docker to fetch dependencies and container images from official, well-known registries such as the npm registry and Docker Hub (e.g., pgvector, redis). These references align with standard development practices.\n- [DATA_EXFILTRATION]: Configuration templates and Docker Compose examples include placeholder environment variables and development-only credentials (e.g., app_password_dev). No patterns of actual sensitive data exposure or unauthorized network transmission were detected.
Audit Metadata