feature-spec
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill is composed of 48 documentation files in Markdown and JSON formats.
- No Executable Logic: The skill contains no executable scripts (JavaScript, Python, Bash) or binary files. All code blocks found in the documentation are static examples for illustrative purposes (e.g., SQL schema examples, Given-When-Then scenarios, or Python pseudo-code for security checks).
- Safe External References: External links provided in the metadata and rules point to highly trusted domains, including owasp.org, atlassian.com, productplan.com, and sre.google.
- No Data Risks: No hardcoded credentials, sensitive file paths, or network exfiltration patterns were detected. Placeholders like 'user@example.com' or 'prod_abc123' are used appropriately for examples.
- No Obfuscation: The content is clear and readable without any evidence of Base64 encoding, zero-width characters, or homoglyph-based evasion techniques.
- Best Practice Guidance: The skill explicitly promotes defensive engineering practices, including security threat modeling, performance budgeting, and formal change management.
Audit Metadata