The Standard Practices
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and consists of documentation, templates, and rules for engineering standards. No malicious code or command execution patterns were detected.
- [DATA_EXPOSURE]: The skill provides strong defensive guidance against data exposure. It includes specific rules (prac-003, prac-041, prac-051) and anti-patterns (AP-PRAC-004) to prevent hardcoding secrets and connection strings in source code.
- [INDIRECT_PROMPT_INJECTION]: While the skill defines procedures for reviewing Pull Requests and branch names (which are user-provided inputs), it does not perform any dangerous operations on this data. It provides formatting and validation rules to ensure adherence to The Standard process.
- [COMMAND_EXECUTION]: Code examples for setting environment variables (using C# and the Windows setx command) are provided as educational material for developers and are not executed by the skill itself.
Audit Metadata