django-security
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a security reference for Django developers. It contains standard configuration examples for production environments, including security headers (HSTS, CSP, X-Frame-Options) and secure cookie settings. All provided code follows industry-standard security protocols.
- [SAFE]: The content includes explicitly labeled 'BAD' examples to demonstrate common vulnerabilities such as SQL injection via string interpolation and XSS via unsafe template rendering, immediately followed by 'GOOD' examples demonstrating the correct, secure implementation using the Django ORM and proper escaping utilities.
- [SAFE]: Secret management is handled via best practices, recommending the use of environment variables and libraries like python-decouple or django-environ instead of hardcoding credentials. No actual secrets or sensitive data are exposed.
Audit Metadata