backend-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of educational documentation and static code snippets. No scripts or executables are included for direct execution by the agent.
- [CREDENTIALS_UNSAFE] (SAFE): All code snippets use environment variables (e.g.,
process.env.JWT_PRIVATE_KEY) or obvious placeholders (e.g.,'your-client-id'). No hardcoded secrets were found. - [EXTERNAL_DOWNLOADS] (SAFE): External links point to reputable educational and industry-standard organizations such as OWASP, NIST, and official technology documentation.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found in the markdown content or metadata.
- [COMMAND_EXECUTION] (SAFE): Commands mentioned in the documentation (e.g.,
npm audit,pip-audit) are intended as guidance for the developer to improve security and are not executed by the skill itself.
Audit Metadata