secure-code-guardian
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a security-focused development persona that promotes secure coding standards across all its reference materials.
- [SAFE]: Authentication examples use strong cryptographic practices such as bcrypt with 12 salt rounds for password hashing and environment-variable-backed JWT secrets.
- [SAFE]: Input validation guidance leverages robust libraries like Zod and provides clear examples for preventing common injection attacks (SQLi, Command Injection, Path Traversal) via parameterized queries and safe API usage.
- [SAFE]: The skill includes instructions to implement defense-in-depth measures such as Content Security Policy (CSP), account lockout mechanisms, and rate limiting to protect against brute-force and cross-site attacks.
- [SAFE]: The core role definition explicitly commands the agent to treat all user input as malicious and never trust unvalidated data, acting as a functional safety guardrail.
Audit Metadata