backend-dev

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and reference materials promote secure development practices, such as using parameterized queries to prevent SQL injection, avoiding hardcoded secrets, and validating inputs at API boundaries.
  • [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guidelines was found in the skill metadata or instructions.
  • [DATA_EXFILTRATION]: No commands for data exfiltration or sensitive file access were detected. The documentation explicitly advises against hardcoding secrets or logging sensitive data in Phase 5 and the handoff checklists.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface as it processes external architectural designs and API contracts while having access to the Bash tool. This is consistent with its primary purpose as a backend coding assistant and is mitigated by procedural review phases.
      • Ingestion points: Architecture designs, API contracts, and component specs identified in Phase 1 (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are specified for input documents.
      • Capability inventory: Access to Read, Grep, Glob, and Bash tools (SKILL.md).
      • Sanitization: The skill relies on manual quality checklists and review phases (Phase 4) rather than technical sanitization of input documents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 09:24 PM