fullstack-developer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is a collection of templates and best practices for modern web development. It does not contain any instructions to bypass safety filters, access sensitive system files, or execute unauthorized remote code.
- [Indirect Prompt Injection] (LOW): As a code generation assistant, the skill processes user-provided requirements (e.g., 'Create a blog API'). While it lacks explicit boundary delimiters for user input, the skill's core instructions emphasize security-first development, specifically highlighting input validation using Zod and sanitization, which mitigates the risk of generating insecure code based on malicious user input.
- [Unverifiable Dependencies] (SAFE): The skill references standard, industry-recognized packages (Next.js, Prisma, Zod, React Query). The usage of 'npm install' and 'npx' commands is restricted to project initialization and is appropriate for the skill's stated purpose.
Audit Metadata