a6-plugin-ext-plugin
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical guide for the Apache APISIX external plugin system, including phase priorities, configuration schemas, and troubleshooting steps.
- [EXTERNAL_DOWNLOADS]: The documentation references official repositories for Go, Java, and Python plugin runners hosted by the Apache Software Foundation, which is a trusted organization. It also includes a reference to a community-maintained JavaScript runner.
- [COMMAND_EXECUTION]: The skill provides practical examples of using the 'a6' CLI for route creation and configuration synchronization. These commands are standard administrative operations for managing an APISIX instance.
- [REMOTE_CODE_EXECUTION]: The text describes the system architecture where APISIX executes external plugin runners as subprocesses. This is a core feature of the plugin system designed to allow extensibility in multiple programming languages, not a security flaw in the skill itself.
Audit Metadata