ordina-panel-screen
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a local Python script (
scripts/scaffold_screen.py) designed to generate source code files and directories. This script uses standard libraries and performs legitimate file system operations consistent with its role as a developer scaffolding tool.\n- [PROMPT_INJECTION]: The scaffolding process uses an entity name provided by the user to populate templates. While this creates an ingestion surface for indirect injection, the risk is minimal given the manual review steps required by the generated 'TODO' comments and the context of local development.\n- [SAFE]: No unauthorized network requests, credential exposure, or remote code execution patterns were detected. The generated code architecture enforces a secure Backend-for-Frontend (BFF) pattern, ensuring all Keystone.js interactions are mediated by authenticated Next.js API routes.
Audit Metadata