spring-boot-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security risks identified. The skill adheres to legitimate engineering standards.- [PROMPT_INJECTION] (SAFE): No evidence of role-play, DAN, or system prompt extraction attempts.- [CREDENTIALS_UNSAFE] (SAFE): The skill specifically forbids hardcoding credentials or storing secrets in configuration files, aligning with security best practices.- [INDIRECT_PROMPT_INJECTION] (LOW): The skill exhibits an ingestion surface via REST controller parameters in 'references/web.md'. It lacks explicit boundary markers for LLM instructions within data processing but inventory shows network capability via 'WebClient'. Crucially, it mandates robust sanitization through Bean Validation annotations and regex patterns, significantly reducing the surface risk.- [DATA_EXFILTRATION] (SAFE): No unauthorized file access or external data transmission was identified.
Audit Metadata