fastify-routes
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No malicious instructions or bypass attempts were found in the skill text or metadata.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive files or perform unauthorized network requests. It defines standard API endpoint structures.
- [Obfuscation] (SAFE): No encoded, hidden, or deceptive content was identified.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The mentioned dependencies (@fastify/type-provider-typebox, @fastify/sensible) are legitimate and standard within the Fastify ecosystem. No remote code execution patterns were found.
- [Privilege Escalation] (SAFE): No commands for acquiring administrative privileges are present.
- [Persistence Mechanisms] (SAFE): The skill does not attempt to create persistent access on the host system.
- [Indirect Prompt Injection] (SAFE): The skill provides patterns for processing external data (API requests) but mitigates risk by mandating strict TypeBox schema validation and authentication headers.
- [Dynamic Execution] (SAFE): No use of eval(), dynamic loading of untrusted code, or unsafe deserialization was observed.
Audit Metadata