llm-integration
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (INFO): The skill consists of markdown documentation and reference code snippets designed to educate developers on LLM security best practices. It includes a comprehensive threat model using the STRIDE framework and covers the OWASP LLM Top 10 risks.
- [Dynamic Execution] (INFO): A code example in advanced-patterns.md uses the Python pickle library for state persistence. While pickle is normally a MEDIUM risk due to unsafe deserialization, the skill explicitly warns against this risk in security-examples.md (CVE-2024-50050), which neutralizes the concern: the example is presented as a point of educational comparison.
- [Remote Code Execution] (INFO): The documentation discusses historical CVEs and provides remediation steps for vulnerabilities like CVE-2024-34359. It does not contain any malicious code execution patterns.
Audit Metadata