sveltekit-conventions
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Architecture & Design] (SAFE): The skill defines a clean separation of concerns using Active Record and Query Service patterns. This structure encourages maintainable and predictable code.
- [Data Handling & Injection] (LOW): The skill outlines how to process untrusted data from REST API endpoints. It correctly identifies the risk and mandates the use of validation libraries like Zod (createSchema.safeParse(data)) and type-safe ORM queries to prevent common injection attacks. While this is an attack surface, the provided guidance follows industry best practices for mitigation.
- [Dependencies] (LOW): The skill references standard, well-known libraries in the SvelteKit ecosystem including Drizzle ORM, better-auth, and Zod. No suspicious or unverified packages are suggested.
Audit Metadata