pipeline-audit
Systematically audits multi-repo pipelines for integration correctness, ensuring every service join is validated with actionable insights.
Install this skill
or
87/100
Security score
The pipeline-audit skill was audited on Mar 7, 2026 and we found 9 security issues across 1 threat category. Review the findings below before installing.
Categories Tested
Security Issues
medium line 72
Access to .env file
SourceSKILL.md
| 72 | | "Config is set up" | .env.example defaults are not runtime config; .env files on disk are | Extract actual DSN from .env, not from code defaults or documentation | |
low line 126
Access to .env file
SourceSKILL.md
| 126 | - Connection string source (which .env var, what default value) |
low line 133
Access to .env file
SourceSKILL.md
| 133 | - .env file: extract ALL database, Kafka, and service URL variables with their actual values |
low line 134
Access to .env file
SourceSKILL.md
| 134 | - .env.example: note any variables present in .env.example but MISSING from .env |
low line 225
Access to .env file
SourceSKILL.md
| 225 | - Read the .env file (NOT .env.example, NOT code defaults) |
low line 227
Access to .env file
SourceSKILL.md
| 227 | - Record: variable name, value from .env, file where it is loaded |
low line 239
Access to .env file
SourceSKILL.md
| 239 | | Component | Writer Repo (.env value) | Reader Repo (.env value) | Dashboard Repo (.env value) | MATCH? | |
low line 432
Access to .env file
SourceSKILL.md
| 432 | - .env variable referenced in code but missing from .env file |
low line 516
Access to .env file
SourceSKILL.md
| 516 | [ ] .env files read directly, not .env.example or code defaults |
Scanned on Mar 7, 2026
View Security DashboardInstall this skill with one command
/learn @omninode-ai/pipeline-auditGitHub Stars 1
Rate this skill
Categorydevelopment
UpdatedMarch 29, 2026
openclawbackendapitestingdevops-srebackend-developerdata-engineerqa-engineertechnical-pmdevelopmentproduct
OmniNode-ai/omniclaude