graalvm-native-image
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No prompt injection or obfuscation techniques were identified. Instructions are purely technical and focused on Java build processes.
- [SAFE]: The skill utilizes official and well-known GraalVM build tools and plugins (e.g., org.graalvm.buildtools:native-maven-plugin).
- [SAFE]: Command execution is restricted to standard build tool wrappers (mvnw, gradlew), JVM operations, and running the generated native binary for local validation.
- [SAFE]: Network operations are limited to health checks of the locally running service (localhost:8080) and standard dependency resolution via build tools.
- [SAFE]: The skill operates on local project files to provide contextual configuration and diagnostic help, which is necessary for its primary function.
- [SAFE]: Best practices for secret management are promoted, suggesting the use of environment variables rather than embedding sensitive data in the binary.