workleap-chromatic-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill instructions and reference documents follow best practices for auditing and optimizing visual testing workflows.
- [EXTERNAL_DOWNLOADS]: The skill references official GitHub Actions such as
actions/checkoutandactions/github-script, as well as the officialchromaui/action. These are sourced from well-known technology organizations and are used according to standard practices. - [COMMAND_EXECUTION]: The skill recommends standard CI/CD commands and workflow configurations. No suspicious or high-risk command execution patterns were identified.
- [DATA_EXFILTRATION]: Access is restricted to project configuration and source code metadata (e.g.,
package.json,chromatic.config.json) for the purpose of auditing. No sensitive data access or exfiltration patterns were found.
Audit Metadata