security-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists of static configuration templates and markdown documentation. No executable malicious code or dangerous patterns were identified.
- [CREDENTIALS_SAFE] (SAFE): The
.env.examplefile correctly uses placeholder strings for secrets (e.g., 'your-super-secret-jwt-key-change-this', 'xxx') and provides explicit instructions for developers to generate their own unique secrets and prevent them from being committed to version control. - [EXTERNAL_DOWNLOADS] (SAFE): The documentation mentions installation of 'helmet', which is a standard and trusted security middleware for Node.js. No untrusted or malicious remote sources are used.
Audit Metadata