fastapi-reviewer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (NO_CODE)
Full Analysis
  • [NO_CODE] (SAFE): The skill consists entirely of Markdown instructions and code snippets for educational/review purposes. No executable logic, scripts (.py, .js, .sh), or configuration files are present.
  • [DATA_EXPOSURE] (SAFE): While the skill mentions security concepts like JWT and OAuth2, it does not contain or request any hardcoded credentials or sensitive local file access. The code snippets provided are generic templates for best practices.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard FastAPI-related libraries (e.g., httpx, pydantic, aiofiles) as recommendations but does not perform any automated installation or download operations.
  • [PROMPT_INJECTION] (SAFE): No malicious override instructions or jailbreak attempts were detected in the text or metadata.
  • [INDIRECT_PROMPT_INJECTION] (LOW): As a code review skill, it is designed to process untrusted user-provided code. While this creates an ingestion surface for indirect prompt injection, the skill itself lacks executable capabilities (like file writing or network requests) that could be exploited by such an injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:45 PM