feature-flags
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides architectural patterns and implementation examples for feature flag management using standard practices and libraries.
- [SAFE]: Identified dependencies such as ioredis and launchdarkly-node-server-sdk are well-known, industry-standard packages appropriate for the skill's functionality.
- [PROMPT_INJECTION]: The skill demonstrates patterns for processing external user attributes and configuration data. While this presents an ingestion surface for indirect prompt injection, it is documented as part of standard feature flag evaluation logic.
  1. Ingestion points: EvaluationContext attributes and FeatureFlag rules from Redis storage.
  2. Boundary markers: Not present in the provided architectural examples.
  3. Capability inventory: The implementation includes dynamic regular expression evaluation (new RegExp), network requests (fetch), and Redis operations.
  4. Sanitization: Not featured in the basic implementation patterns.
Audit Metadata