security-and-hardening

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides defensive security instructions and code examples that follow industry-standard best practices (OWASP Top 10). It does not contain executable malicious code, obfuscation, or data exfiltration patterns.
  • [EXTERNAL_DOWNLOADS]: The skill references standard, well-known Node.js libraries used for security hardening (e.g., helmet, zod, dompurify, bcrypt). These are appropriate for the skill's stated purpose of hardening applications.
  • [COMMAND_EXECUTION]: Provides example shell commands for security auditing (npm audit) and pre-commit secret scanning (git diff). These are documented as manual developer actions and do not involve autonomous or risky execution.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 05:45 PM