412-frameworks-quarkus-panache
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard Maven commands (./mvnw compile, mvn clean verify) for project state validation. These commands are integral to the development workflow and include blocking conditions to prevent unsafe modifications if compilation fails.
- [PROMPT_INJECTION]: Comprehensive safety rules are included to prevent query injection vulnerabilities. The instructions strictly forbid string concatenation for query building and instead require the use of positional or named parameters.
- [DATA_EXFILTRATION]: To protect sensitive data, the skill advocates for the use of DTO projections (project(Class)) and manual mapping. This practice ensures that internal database entity fields are not leaked through REST boundaries.
Audit Metadata