astro-security
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard, well-known security scripts such as Cloudflare Turnstile (
https://challenges.cloudflare.com/turnstile/v0/api.js) for bot protection. - [DATA_EXPOSURE] (SAFE): The skill correctly instructs developers to use
.envfiles for secrets (Turnstile keys, API keys) and explicitly warns against committing them to version control or exposing them client-side. - [COMMAND_EXECUTION] (SAFE): No patterns of arbitrary command execution or shell script invocation were detected.
- [DATA_EXFILTRATION] (SAFE): The code snippets provided for form handling perform legitimate server-side verification with Cloudflare APIs and do not exfiltrate sensitive data to unauthorized third parties.
- [PROMPT_INJECTION] (SAFE): No instructions designed to override agent behavior or bypass safety guardrails were found.
Audit Metadata