tanstack-start-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill provides educational content and code snippets for building full-stack applications.
- Authentication & Session Security: The skill correctly emphasizes high-priority security practices, such as using HTTP-only cookies, secure session management, and server-side secret handling.
- Input Validation: It advocates for strict schema validation using Zod to prevent common vulnerabilities like injection and mass assignment.
- Environment Variable Management: The examples demonstrate proper separation of public and private configuration using environment variables and prefixing (VITE_).
- No Malicious Patterns: No evidence of prompt injection, obfuscation, data exfiltration, or unauthorized command execution was found in any of the 14 files.