handling-api-errors
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, such as prompt injection, data exfiltration, or obfuscation, were identified. The skill's components are consistent with its described purpose of assisting in API development.
- [COMMAND_EXECUTION]: The skill uses a restricted bash command pattern (api:error-*) for project scaffolding. This is a functional requirement for the skill and is sufficiently scoped to prevent arbitrary execution.
- [PROMPT_INJECTION]: The skill processes API specifications from the project directory. This ingestion surface is documented here for completeness. Ingestion points: {baseDir}/api-specs/ via the Read tool. Boundary markers: Not present. Capability inventory: Includes Write, Edit, and Bash(api:error-*). Sanitization: Not explicitly defined in the skill logic.
Audit Metadata