flask-backend-codegen
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions explicitly prohibit security anti-patterns such as hardcoding credentials or secrets in the generated code.
- [SAFE]: Implements a robust authorization model using Casbin and enforces the use of permission decorators on all generated API endpoints.
- [SAFE]: Includes a dedicated security and architecture linting script (scripts/check_route_layer.py) to verify that generated code adheres to layering constraints, such as prohibiting direct database access from the routing layer.
- [SAFE]: Data ingestion is limited to local project documentation (e.g., docs/*.md) to ensure alignment with project-specific requirements, which is appropriate for the skill's primary function.