devops-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or behaviors were identified in the skill's instructions, scripts, or reference materials.
- [SAFE]: The skill implements strong security defaults in its 'Critical Rules' section, specifically addressing common CI/CD security risks like script injection, overly broad permissions, and unpinned third-party actions.
- [SAFE]: Analysis scripts like
workflow-analyzer.pyuseyaml.safe_load()to prevent YAML deserialization attacks when parsing untrusted workflow definitions. - [SAFE]: The
log-parser.pyscript includes defensive measures for handling untrusted data, such as log truncation and regex-based extraction, which limits the risk of processing excessively large or malformed inputs. - [SAFE]: While the skill processes external data (CI logs and YAML workflows), it does so using specialized analysis scripts that do not possess dangerous capabilities like arbitrary network access or filesystem modifications.
Audit Metadata