clean-code-principles

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): Hardcoded API key pattern found in 'magic-numbers-and-strings.md'. Evidence: 'client.DefaultRequestHeaders.Add("X-Api-Key", "sk-abc123xyz");'. Description: The 'sk-' prefix is a known marker for sensitive credentials. Even in a 'bad code' example, its inclusion is a high-risk practice.
  • [PROMPT_INJECTION] (LOW): Vulnerable to Indirect Prompt Injection (Category 8). 1. Ingestion points: User-provided code snippets reviewed by the agent. 2. Boundary markers: Absent. 3. Capability inventory: No scripts in the skill, but the agent's environment is assumed to have capabilities like file access. 4. Sanitization: Absent.
  • [NO_CODE] (SAFE): The skill consists only of markdown files and contains no executable scripts or binaries.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:31 PM