mybatis-plus-generator
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions designed to bypass safety filters or override system prompts were found. The documents provide standard instructional guidance for code generation.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network requests are present. External links point to legitimate documentation for MyBatis-Plus and GitHub repositories.
- Obfuscation (SAFE): All content is in plain-text Markdown. No encoded strings, hidden characters, or homoglyphs were detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include scripts for downloading or executing external code. It provides references for Java/MyBatis-Plus development which are standard in the industry.
- Indirect Prompt Injection (LOW): While the skill is designed to process external inputs (database schemas and table comments), it is a reference-only skill. The risk is limited to the agent's interpretation of those inputs when applying these templates, which is inherent to code generation tasks.
- Privilege Escalation & Persistence (SAFE): No commands or configurations related to system permissions or persistence were identified.
- Metadata Poisoning (SAFE): All titles, descriptions, and examples are consistent with the stated purpose of assisting in Java code generation.
Audit Metadata