django-deployment
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements strong security defaults for production environments, including SSL redirects, HSTS, secure cookies, and cross-site scripting protections.
- [PROMPT_INJECTION]: The skill reads from
.agents/django-project-context.md, creating an indirect prompt injection surface. 1. Ingestion point:.agents/django-project-context.md. 2. Boundary markers: Absent. 3. Capabilities: Subprocess calls for migrations and Docker management in SKILL.md. 4. Sanitization: Absent. The risk is categorized as SAFE because the instructions are primarily template-driven and the context reading is for environment detection. - [COMMAND_EXECUTION]: The provided Dockerfile and deployment scripts use standard commands for package management and service orchestration.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by providing a
.env.examplefile with placeholders for sensitive variables likeSECRET_KEYandAWS_ACCESS_KEY_IDinstead of hardcoding actual credentials.
Audit Metadata