yba-api
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as an administrative bridge for YugabyteDB Anywhere, providing legitimate automation and troubleshooting capabilities.
- [SAFE]: Credential management is handled securely; the Python client and PowerShell functions use header-based authentication and encourage the use of environment variables or secure inputs over hardcoding.
- [SAFE]: The documentation includes explicit security warnings regarding the risks of disabling TLS verification (
verify=False/-SkipCertificateCheck) and highlights that the bundled Prometheus instance lacks authentication by default. - [SAFE]: External references and download links target trusted Yugabyte domains and official GitHub repositories for documentation, OpenAPI specs, and software releases.
- [SAFE]: No obfuscation, persistence mechanisms, or unauthorized data exfiltration patterns were detected in the provided scripts or documentation.
Audit Metadata