orpc-fullstack
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious patterns found in the 10 threat categories. The skill serves as a reference for building type-safe APIs.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references established open-source libraries (oRPC, Hono, Zod, TanStack Query). No unverified or high-risk dependencies are present.
- [FALSE_POSITIVE] (SAFE): An automated scanner alert flagged 'client.do' as a phishing URL. This is a false positive, as the string is part of a code example's method call ('client.doSomething') and not a functional URL or phishing attempt.
- [DATA_EXPOSURE] (SAFE): Code examples for authentication (e.g., 'Bearer ${getToken()}') use placeholders and standard implementation patterns rather than hardcoding secrets.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata