django-allauth
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the django-allauth source code from its official GitHub repository (github.com/pennersr/django-allauth) for validation purposes. It also installs multiple packages from the official Python Package Index (PyPI).
- [COMMAND_EXECUTION]: The script 'scripts/validate_allauth_tests.sh' is executed to run the official test suite. This involves activating a virtual environment and running pytest.
- [PROMPT_INJECTION]: The configured authentication APIs process user-supplied data and OAuth responses, which represents a potential surface for indirect prompt injection.
- Ingestion points: Sign-up, login, and social authentication API endpoints in 'urls.py'.
- Boundary markers: None explicitly mentioned in instructions.
- Capability inventory: The skill can write to the database and local filesystem, and execute test scripts via shell.
- Sanitization: Relies on the security features of the Django framework and the django-allauth library.
Audit Metadata