kotlin-ktor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure & Exfiltration (SAFE): No access to sensitive system paths or unauthorized network communication detected. Code snippets in the documentation use standard placeholder domains for demonstration purposes.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The validation script
scripts/validate.pyuses standard Python libraries and does not perform any external package installations or remote script executions. - Dynamic Execution (SAFE): The Python scripts utilize
yaml.safe_load()instead of the unsafeload()method, preventing potential arbitrary code execution via malicious YAML payloads. - Indirect Prompt Injection (SAFE): The skill defines strict validation for its input parameters (e.g., the
topicparameter uses a specific regex whitelist), minimizing the risk of prompt-based attacks through user input.
Audit Metadata