Skills
skills/housegarofalo/claude-code-base/trpc-api/Gen Agent Trust Hub

trpc-api

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references standard, industry-recognized libraries such as @trpc/server, @tanstack/react-query, and zod, which are essential for its functionality and sourced from the official NPM registry.
  • [PROMPT_INJECTION]: The skill involves data ingestion from external clients via tRPC procedures, which constitutes an indirect prompt injection surface.
  • Ingestion points: Input arguments in the userRouter procedures defined in src/server/routers/user.ts (e.g., getById, create, update).
  • Boundary markers: Strong boundary enforcement using tRPC's .input() method paired with Zod schemas.
  • Capability inventory: Performing CRUD operations on a database through the Prisma ORM as seen in src/server/routers/user.ts.
  • Sanitization: Strict validation and sanitization of incoming data using Zod schema types (e.g., UUID, email, and string length constraints).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 11:09 AM