snowtree

agent
Security Audit
Fail
Health Pass
  • License — License: Apache-2.0
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 57 GitHub stars
Code Fail
  • rm -rf — Recursive force deletion command in .github/workflows/release.yml
  • process.env — Environment variable access in .github/workflows/release.yml
  • fs module — File system access in .github/workflows/release.yml
  • rm -rf — Recursive force deletion command in install.sh
  • fs module — File system access in packages/core/package.json
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This project was designed as a review-driven, safe AI coding agent. However, it has been officially archived by the creator and development has moved to a different platform.

Security Assessment
The automated scan flagged a few items that warrant attention, primarily `rm -rf` (recursive force deletion) commands found in an installation script and a GitHub workflow. While potentially destructive if misused, these commands are standard practice in build and deployment scripts for cleaning up directories. Environment variable access and file system operations were also detected, which are normal for a development tool. No hardcoded secrets or dangerous broad permissions were found. Overall, the risk level is rated as Low.

Quality Assessment
From a maintenance standpoint, the repository received a push very recently (0 days ago), but this is overshadowed by the fact that the repository is now archived. The tool has a solid foundation of community trust with 57 GitHub stars and uses the permissive Apache-2.0 license.

Verdict
This specific repository is not recommended for use, as the project is officially archived and no longer maintained; you should transition to its actively developed successor at evotai/evot.
SUMMARY

Review-Driven Safe AI Coding

README.md

Snowtree

This project has been archived. Development continues at https://github.com/evotai/evot.
