litestar-security
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats detected. The skill provides defensive guidelines and code patterns for the Litestar web framework.
- [CREDENTIALS_UNSAFE]: All sensitive parameters in the provided code examples use descriptive placeholders like 'replace-in-production' or 'dev-token'.
- [EXTERNAL_DOWNLOADS]: The skill does not download external scripts or packages; it only references official documentation from litestar.dev.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill identifies request parsing (headers, cookies, body) as the primary data ingestion surface (references/security-patterns.md). It defines boundary markers by separating request parsing from identity establishment (SKILL.md). The capability inventory reveals no dangerous execution patterns such as subprocesses or eval(). Sanitization is handled by the framework's security backends and guard logic.
Audit Metadata