kotlin-app-config
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides architectural templates for type-safe environment configuration in Kotlin, promoting structured code over insecure practices.
- [CREDENTIALS_UNSAFE]: The code snippets were audited for hardcoded secrets. The patterns demonstrate the secure practice of loading database URLs, Kafka brokers, and passwords via environment variables (e.g.,
System.getenv("Nais_CLUSTER_NAME")) and property lookups. - [EXTERNAL_DOWNLOADS]: The skill references the
navikt/hotlibsGitHub repository. This is a legitimate reference to a library owned by the skill's authoring organization and does not involve untrusted remote execution. - [COMMAND_EXECUTION]: No shell commands, subprocess spawning, or system-level execution patterns are present in the provided Kotlin code or documentation.
Audit Metadata