security-fastapi
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes ripgrep (rg) to scan local project files for FastAPI-specific patterns such as CORS configurations and security middleware. These commands are local and consistent with the skill's stated purpose of providing a security audit.
- DATA_EXFILTRATION (SAFE): No network operations (e.g., curl, wget) or attempts to access sensitive system files (e.g., SSH keys, credentials, or environment files) were detected.
- REMOTE_CODE_EXECUTION (SAFE): There are no remote downloads, piped execution from external URLs, or dynamic execution of external scripts.
- PROMPT_INJECTION (SAFE): The instructions do not contain markers for overriding agent behavior, bypassing safety filters, or extracting system prompts.
- INDIRECT_PROMPT_INJECTION (LOW): As a security scanner, the tool ingests local Python files. While an attacker could theoretically place instructions in code comments, the risk is inherent to the auditing task and mitigated by the static nature of the tool.
Audit Metadata