backend-controller-pattern-nestjs

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines robust security standards for NestJS controllers, including mandatory response serialization using Zod to prevent accidental exposure of sensitive internal data.
  • [SAFE]: It proactively mitigates Insecure Direct Object Reference (IDOR) vulnerabilities by instructing developers to use authenticated identity from session tokens (@CurrentUser) instead of trusting user-supplied identifiers in request bodies or parameters.
  • [SAFE]: It enforces strict authorization patterns across different access tiers (Admin, Studio, User) by requiring the extension of specialized base classes that include pre-configured security guards.
  • [SAFE]: The inclusion of specific patterns for rate limiting (via throttle profiles) and input validation (via UidValidationPipe) demonstrates a focus on preventing Denial of Service (DoS) and injection attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 06:03 PM