github-actions-templates
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill serves as a documentation resource for building CI/CD pipelines.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials, tokens, or private keys were found. The templates demonstrate best practices by utilizing the
${{ secrets.NAME }}syntax for all sensitive environment variables, such as AWS keys, Snyk tokens, and Slack webhooks. - [EXTERNAL_DOWNLOADS]: The workflow templates reference various external GitHub Actions from trusted organizations (e.g., actions/checkout, aws-actions/configure-aws-credentials) and well-known service providers (e.g., docker/login-action, aquasecurity/trivy-action, snyk/actions). These references are standard for automation and involve trusted infrastructure.
Audit Metadata