production-grade
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes untrusted data from the local repository to ground its actions.
  - Ingestion points: Reads files such as `package.json`, `AGENTS.md`, `README.md`, and `git log` to establish project context.
  - Boundary markers: The skill advocates for validation at system boundaries (Rule R8) but does not define specific separators for interpreting repository content.
  - Capability inventory: Possesses capabilities to modify the file system, execute shell commands (linting, formatting), and perform database migrations.
  - Sanitization: Emphasizes internal assertions and boundary validation as architectural principles.
- [EXTERNAL_DOWNLOADS]: The skill references reputable external libraries and educational resources.
  - Dependencies: Recommends standard, widely-used packages like `zod`, `stripe`, and `ioredis`.
  - Educational Resources: References established GitHub repositories for system design and algorithms (e.g., `donnemartin/system-design-primer`, `trekhleb/javascript-algorithms`).
  - Trusted Vendors: Leverages official documentation and tools from trusted entities including Anthropic, Microsoft, and Vercel.
- [COMMAND_EXECUTION]: Utilizes common development tools to maintain code quality.
  - Quality Gates: Employs standard commands for `eslint`, `prettier`, and `tsc` to enforce style and type safety.
  - Safety Measures: Explicitly instructs the agent to seek operator approval before executing destructive operations like `rm -rf` or database deletions.
- [DATA_EXFILTRATION]: The skill mandates safe secret management.
  - Best Practices: Forbids committing secrets, recommends `.env.example` templates, and ensures sensitive configuration is ignored by version control.
  - PII Protection: Prohibits logging personally identifiable information or internal database details.
Audit Metadata