rails-action-controller
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is primarily educational, providing best-practice examples for Ruby on Rails development. No malicious behavior or suspicious intent was detected.
- [COMMAND_EXECUTION] (SAFE): Scripts such as
scripts/rest-controller-scaffold.shandscripts/api-controller-template.shuse standard shell commands (mkdir,cat,rails generate) to create local project files. These are typical developer productivity tools and do not execute external or untrusted code. - [DATA_EXFILTRATION] (SAFE): The documentation includes security-conscious examples, such as a directory traversal check in
references/streaming-downloads.mdand the use of 'Strong Parameters' throughout the Ruby snippets to prevent mass-assignment vulnerabilities. - [CREDENTIALS_UNSAFE] (SAFE): Authentication examples use environment variables (
ENV['API_PASSWORD']) or clear placeholders (YOUR_TOKEN) rather than hardcoding sensitive credentials.
Audit Metadata