ecto-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses database migrations and queries but correctly employs parameterized fragments and the pin operator (`^`) to prevent SQL injection. It explicitly documents string interpolation in fragments as a high-risk anti-pattern.
- [DATA_EXFILTRATION]: There are no detected network operations or attempts to access sensitive system files. Database operations are scoped to the application's repository context.
- [PROMPT_INJECTION]: The skill instructions focus on architectural patterns and code quality. No override or bypass patterns were detected in the instructions or metadata.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or dynamic execution patterns (like `eval` or `Code.eval_string`) are present in the provided files.
- [SAFE]: The skill differentiates between `cast` (for external, untrusted input) and `change`/`put_change` (for internal, trusted data), which is a key security practice in Elixir applications to prevent mass assignment vulnerabilities.
Audit Metadata