backend-expert
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and does not include any scripts, binaries, or automated tool invocations.
- [SAFE]: It explicitly instructs the agent to follow security protocols such as performing authentication and permission checks before business logic.
- [SAFE]: The instructions mandate the use of parameterized queries and forbid string concatenation for database operations, directly mitigating SQL injection risks.
- [SAFE]: The skill presents a surface for indirect prompt injection as it reads project codebase files (Ingestion points: routes, schemas, service layers). While it lacks explicit boundary markers or sanitization, its capabilities are restricted to standard code analysis and generation within the agent environment (Capability inventory: File read, code generation).