didit-best-practises
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Category 2: Data Exposure & Exfiltration] (SAFE): No hardcoded credentials were found. The code examples correctly demonstrate using environment variables for API keys and workflow IDs.
- [Category 4: Unverifiable Dependencies & Remote Code Execution] (SAFE): No unauthorized package installations or remote script executions were detected.
- [Category 8: Indirect Prompt Injection] (LOW): The skill demonstrates handling external webhook data, which is an ingestion surface. However, the logic provided is standard for the primary purpose of the skill and does not interpolate untrusted data into sensitive command execution or prompt logic.
Audit Metadata