shelf
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill. The content consists of legitimate development guidelines, code templates, and architectural best practices for the Dart programming language and the Shelf web framework.
- [SAFE]: Data exposure risks are addressed by emphasizing the use of environment variables for secrets (e.g., JWT_SECRET) and explicitly advising against hardcoding credentials or logging sensitive information in production environments.
- [SAFE]: The skill promotes secure authentication and authorization patterns, including the use of standard libraries like
dart_jsonwebtokenandbcryptfor password hashing and token verification. - [SAFE]: Remote code execution and dynamic execution risks are absent. The dependencies listed are standard, well-known Dart packages from the official pub.dev registry, and no suspicious external scripts or binary downloads are present.
- [SAFE]: The architecture includes structured error handling and input validation examples (e.g., email and password regex validation) to mitigate common web-based attack vectors.
Audit Metadata