fullstack-security
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWSAFENO_CODE
Full Analysis
- [NO_CODE] (INFO): The skill defines significant security actions like 'harden_infrastructure' and 'audit_security' in its metadata, but no functional implementation scripts are provided for these capabilities. The included 'validate.py' only performs internal skill structure checks.
- [Category 8: Indirect Prompt Injection] (LOW): Evidence Chain: 1. Ingestion points: External backend, frontend, and infrastructure source code (SKILL.md). 2. Boundary markers: Absent in prompt instructions. 3. Capability inventory: 'harden_infrastructure' suggests potential write or configuration modification capabilities (SKILL.md). 4. Sanitization: Not implemented in provided validation logic. While the ingestion surface is present, the lack of execution code minimizes immediate risk.
Audit Metadata