platform-backend
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Security (SAFE): The skill provides high-quality guidance on authentication, authorization, and data isolation. It explicitly instructs users to avoid common pitfalls such as hardcoding secrets or leaking internal system details in error messages.
- Data Handling (SAFE): Includes clear rules for input validation at API boundaries and output schema definition to prevent accidental data exposure.
- Secrets Management (SAFE): While the file
rules/security-never-commit-secrets.mdcontains a string pattern resembling an API key (sk_live_abc123...), it is explicitly used within a 'NEVER DO THIS' code example to demonstrate insecure practices and does not constitute a real credential leak. - Command Execution (SAFE): No shell commands, subprocess calls, or network operations were found in the skill's logic or referenced files.
Audit Metadata