12-factor-app
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): The skill consists of Markdown documentation and code examples illustrating the Twelve-Factor App methodology.
- Prompt Injection: No behavioral overrides or safety bypass attempts were detected. The triggering logic is purely descriptive of the skill's technical domain.
- Data Exposure: While the files contain examples of secrets and credentials (e.g., 'AKIAIOSFODNN7EXAMPLE', 'sk_live_abc123'), these are explicitly used in 'Incorrect' examples to illustrate what to avoid and are industry-standard dummy values.
- Dependencies & RCE: The skill does not perform any installations or network requests. It provides guidance on how users should manage their own dependencies using lockfiles and manifests.
- Best Practices: The content actively promotes high-security standards, including secret externalization, process isolation, and immutable releases.
Audit Metadata