photo-management
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill mandates a security baseline that includes protection against XSS, CSRF, and path traversal by requiring the 'Vibe Security Skill' during upload flows. \n- [SAFE]: It correctly implements file handling best practices, such as generating unique filenames to prevent collisions and path injection, and validating MIME types server-side. \n- [SAFE]: The skill enforces robust access control by requiring verification of franchise ownership for every data operation (read, write, delete). \n- [SAFE]: Guidelines for file system interactions include safe permission settings (0755 for directories, 0644 for files) and cross-platform path handling. \n- [SAFE]: The requirement for specific plugins ('Superpowers' and 'Frontend Design') appears to be a functional requirement for the intended development environment and does not involve downloading untrusted code or bypassing safety filters.
Audit Metadata