spring-boot-skill

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill includes hardcoded credentials for local development and integration testing. Specifically, references/spring-boot-docker-compose.md provides default PostgreSQL passwords (postgres), and references/spring-boot-rest-api-testing.md uses hardcoded test credentials (Admin@1234 and Siva@1234) in the BaseIT.java class for setting up test data. These are standard in developer documentation and intended for non-production use.
  • [EXTERNAL_DOWNLOADS]: Several well-known external dependencies and services are referenced. This includes Docker images (PostgreSQL, Redis, Grafana/Otel-LGTM, Mailpit, Mailhog) and Maven libraries (Spring Modulith, Hypersistence Utils, Spotless). These resources are from established organizations and technology vendors.
  • [COMMAND_EXECUTION]: The references/taskfile.md provides a Taskfile.yml that automates build and deployment tasks using local shell commands. These include executing the Maven wrapper (./mvnw) and docker compose for managing containers. These commands are executed locally within the project directory.
  • [DATA_EXFILTRATION]: There is a surface for metadata exposure via build configurations. The git-commit-id-maven-plugin in references/spring-boot-maven-config.md is configured to include the committer's name and full commit message in the build artifacts. If the Spring Boot Actuator /info endpoint is exposed to the internet, this information could be viewed externally.
  • [PROMPT_INJECTION]: The skill provides patterns for building REST APIs that ingest external data, creating a potential surface for indirect prompt injection.
      • Ingestion points: Untrusted data enters the context through REST controllers using @RequestBody and @PathVariable in references/spring-webmvc-rest-api.md.
      • Boundary markers: No explicit instructions or delimiters are provided to the agent to distinguish between its own instructions and external data in these snippets.
      • Capability inventory: The skill provides instructions for database operations via UserRepository and business logic execution in UserService as seen in references/spring-service-layer.md and references/spring-data-jpa.md.
      • Sanitization: Standard JSR-303/JSR-380 validation (@Valid) is used for input verification, but there is no specific sanitization for AI-specific injection attacks.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 06:55 PM