owasp-cicd-top-10
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns or security risks were detected. The skill consists entirely of documentation and configuration examples aimed at improving CI/CD security posture.
- [Metadata Poisoning] (SAFE): The skill metadata (name, description) accurately describes the content without deceptive instructions.
- [Indirect Prompt Injection] (SAFE): The skill provides static reference material and does not contain ingestion points for untrusted external data that could influence the agent's logic.
- [Credential Hygiene] (SAFE): Examples provided in the documentation use placeholders (e.g.,
123456789) or standard secret injection syntax (e.g.,${{ secrets.AWS_KEY }}) rather than hardcoded credentials.
Audit Metadata