backend-specialist
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to bypass safety or override agent behavior were detected. The skill focuses on engineering best practices.
- Data Exposure & Exfiltration (SAFE): The skill explicitly warns against hardcoding secrets and provides clear instructions on using environment variables and secret management (e.g., in the Stripe, Django, and Flask guidelines).
- Unverifiable Dependencies & Remote Code Execution (LOW): While the skill mentions installing tools like 'teamsfx-cli' or using 'pre-commit' hooks, these are references to standard developer tools from trusted organizations (Microsoft, GitHub). No suspicious or hidden remote execution scripts were found.
- Indirect Prompt Injection (LOW): The skill includes instructions to use 'WebFetch' for documentation retrieval, which is a standard surface for indirect prompt injection but is managed by the agent's internal tool-use logic.
- Security Best Practices (SAFE): The documentation includes high-quality advice for securing smart contracts (Solidity), preventing injection in shell scripts (Zsh), and hardening web servers (NGINX).
Recommendations
- Contains 1 malicious URL - DO NOT USE
Audit Metadata