rails-principles-and-boundaries
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guidelines was found. The skill uses natural instructional language to guide the agent on Rails development practices.
- [COMMAND_EXECUTION]: The skill instructs the agent to detect and run project-specific linting commands (e.g.,
bundle exec rubocop,npm run lint). These are standard development tools and the skill specifically warns the agent not to assume a specific linter but to check the project's own configuration first. - [DATA_EXFILTRATION]: No network operations or sensitive file exfiltration patterns were detected. The skill mentions sensitive data contexts like PII and IDOR only to provide guidance on security reviews.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, external downloads, or piped shell commands were found.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private tokens are present in the skill.
Audit Metadata