ai-wrapper-product

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill contains architectural patterns and code snippets for building AI wrappers. It demonstrates security-conscious practices such as input length validation, schema-based output validation, and usage of environment variables for API keys.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill explicitly warns against exposing AI API keys and provides mitigation strategies like moving calls to the backend and using environment variables. No hardcoded secrets or unauthorized network operations were found.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns were detected. The JavaScript snippets use standard, well-known libraries like the Anthropic SDK and p-queue for legitimate application logic.
  • [INDIRECT_PROMPT_INJECTION]: While the skill describes processing user input through AI models, it includes specific capabilities and patterns for input sanitization, prompt templating, and output validation to mitigate common LLM-related risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 02:39 AM