fastapi
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The skill uses authoritative language like 'CRITICAL' and 'MANDATORY COMPLIANCE' to enforce a specific development workflow. While these markers often appear in injection attempts, here they are strictly instructional for maintaining technical quality and do not attempt to bypass safety filters or ignore system instructions.
- DATA_EXFILTRATION (SAFE): No unauthorized file access or external network calls were detected. The skill uses standard internal interfaces (memoryStore, contextProvider) for state management.
- COMMAND_EXECUTION (SAFE): The skill does not execute shell commands or spawn subprocesses. It is entirely focused on providing architectural guidance and documentation.
- EXTERNAL_DOWNLOADS (SAFE): No remote scripts, external dependencies, or unverified packages are downloaded or executed.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill processes user input about API designs, it does not execute this data or interpolate it into high-privilege execution contexts. The analysis is performed within a controlled guidance workflow.
Audit Metadata