go-frame-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions designed to override agent constraints or bypass safety filters. All content is strictly instructional regarding GoFrame.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network access patterns were identified. External links are limited to the official GoFrame website and GitHub repository.
- [Remote Code Execution] (SAFE): There are no commands or scripts that download and execute code from remote sources. Mentions of the 'gf' CLI are provided as developer guidance, not as automated execution triggers.
- [Obfuscation] (SAFE): No encoded strings, zero-width characters, or homoglyphs were found in the skill content.
- [Indirect Prompt Injection] (SAFE): The skill does not define ingestion points for untrusted external data (such as web search or email) that could be used to manipulate the agent's behavior.
Audit Metadata