uvicorn
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the standard Python packages
uvicornandgunicornfrom the official PyPI registry, which are well-known and trusted components for Python web development.\n- [COMMAND_EXECUTION]: The skill usesuvicornandgunicorncommands to start web server processes as intended for its functionality. The programmatic configuration includesforwarded_allow_ips='*', which is documented correctly alongside guidance to deploy behind a reverse proxy.\n- [SAFE]: Includes a secure Dockerfile implementation that follows the principle of least privilege by running the application as a non-root system user (app).\n- [SAFE]: Provides appropriate guidance on network security, such as recommending the use of a reverse proxy for TLS termination and client IP handling.
Audit Metadata