trpc-on-demand-query

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides architectural patterns for tRPC query parameters with no malicious code or patterns detected.
  • [SAFE]: Robust input validation is demonstrated using Zod schemas, specifically using enums to restrict the 'include' parameter to a predefined set of allowed fields.
  • Evidence: Use of 'z.enum' in 'GetBattleInputSchema.ts' and 'RouterExample.ts'.
  • [SAFE]: Secure data handling is maintained through explicit authorization checks within the procedure logic, ensuring that sensitive data is only retrieved after permission verification.
  • Evidence: The 'getBattle' procedure in 'RouterExample.ts' checks for 'ctx.user' before loading the 'recentVoteId' field.
  • [SAFE]: The field selection logic is implemented using a whitelist-based filtering mechanism, which effectively prevents unauthorized data exposure and protects against prototype-related attacks.
  • Evidence: Implementation in 'RouterExample.ts' uses 'Object.fromEntries' combined with a 'Set' filter to prune response objects.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 03:56 AM