claude-sdk-integration-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure (SAFE): The code snippets correctly use environment variables (process.env.ANTHROPIC_API_KEY) for credential management rather than hardcoding secrets.
- External Downloads (SAFE): The skill recommends the official @anthropic-ai/sdk package. Anthropic is a recognized trusted organization.
- Indirect Prompt Injection (LOW): The skill provides patterns for processing untrusted user input via the messages array. Ingestion points: User-provided strings in messages content in README.md. Boundary markers: Absent in the simplified quick-start examples. Capability inventory: Network operations to the Anthropic API. Sanitization: Not present in the basic integration snippets.
Audit Metadata