moai-security-api
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides high-quality educational content and implementation examples for securing APIs. No malicious instructions, obfuscation, or data exfiltration patterns were detected.
- [SAFE]: Code examples for JWT authentication, Role-Based Access Control (RBAC), and rate limiting follow security best practices, including the use of environment variables for secrets and short-lived tokens.
- [SAFE]: The skill demonstrates defensive programming techniques, such as SSRF protection with IP blocklists and domain allowlists, input validation using Pydantic/Zod, and secure CORS configuration.
- [SAFE]: Recommended security tools (e.g., Bandit, Safety, OWASP ZAP) are well-known, legitimate packages used for security auditing and vulnerability scanning.
Audit Metadata