recovery-coach-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation, project structure overviews, and code boilerplate for components, API routes, and database queries. No malicious instructions, obfuscation, or data exfiltration patterns were identified.
- [CREDENTIALS_UNSAFE]: The 'Environment Variables' section lists sensitive configuration keys such as
SESSION_SECRETandANTHROPIC_API_KEY, but these are provided as empty placeholders without hardcoded secrets. - [COMMAND_EXECUTION]: The skill metadata allows the use of
Bashwithnpmandnpxcommands. This is consistent with the provided development workflow, which includes running linters (npm run lint), tests (npm run test), and validation scripts.
Audit Metadata