api-schema-zod
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill documentation and structure are consistent with its stated purpose of assisting with Zod schema generation and do not contain any obfuscated or malicious instructions.
- [COMMAND_EXECUTION]: The skill uses local filesystem tools (Read, Write, Edit, Glob, Grep) which are necessary for generating and managing code files in a development workflow.
- [PROMPT_INJECTION]: The skill provides a template for generating code based on user input (e.g., fields and names). While this creates a surface for indirect prompt injection, it is part of the intended primary functionality. (1) Ingestion points: Command arguments for schema names and fields. (2) Boundary markers: None. (3) Capability inventory: File write and edit tools. (4) Sanitization: Not specified. This finding is assessed as safe given the context of the skill's primary use case.
Audit Metadata