spring-boot-security
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference for Spring Security configuration. It correctly promotes security best practices, such as the use of Argon2 for password hashing, mandatory Lambda DSL for configuration, and explicit request matching.
- [SAFE]: Code examples for JWT validation and OAuth2 resource server configuration use standard, reputable libraries (Nimbus) and follow recommended patterns for issuer and audience verification.
- [SAFE]: The skill includes proactive security measures such as account locking after failed login attempts, CSRF protection for session-based applications, and specific CORS origin configurations.
- [SAFE]: No evidence of prompt injection, data exfiltration, or unauthorized command execution was found in the documentation or code snippets. All URLs provided are standard placeholders for documentation (e.g., example.com).