core-principles
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses instructional language to establish precedence for its coding guidelines over conflicting advice from other skills. This is a standard project-specific configuration pattern and does not attempt to bypass safety filters or core agent instructions.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. The skill explicitly advocates for security best practices, such as using AWS Secrets Manager or SSM Parameter Store and avoiding hardcoded API keys in repositories.
- [DATA_EXFILTRATION]: No network operations (curl, wget, fetch) or data transmission patterns were detected. Code examples focus on pure functions and environment variable validation.
- [COMMAND_EXECUTION]: The skill contains no executable shell commands, subprocess calls, or scripts. All code snippets provided are for instructional purposes only.
Audit Metadata