rails-architecture
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides architectural guidance and code patterns for Ruby on Rails 8 applications. All provided examples follow industry best practices for security, maintainability, and organization.
- [DATA_EXPOSURE]: No hardcoded credentials or sensitive file paths were detected. The guide explicitly emphasizes multi-tenancy security by instructing users to always scope queries through an account-level association (e.g.,
current_account.events) to prevent unauthorized data access between tenants. - [COMMAND_EXECUTION]: The skill mentions standard Rails commands like
bin/rails generate authentication, which is a built-in framework feature. No arbitrary or dangerous command execution patterns were found. - [EXTERNAL_DOWNLOADS]: References to external tools and libraries (e.g., Solid Queue, Kamal, Thruster, Sentry, Rollbar) are restricted to well-known, official Rails ecosystem components and industry-standard monitoring services.
- [PROMPT_INJECTION]: The instructions and metadata do not contain any patterns intended to bypass safety filters or override agent behavior. The content is purely educational and instructional.
- [DATA_HYGIENE]: The code examples for search queries include manual sanitization for SQL LIKE clauses (e.g.,
sanitize_like(term)), demonstrating a focus on preventing common vulnerabilities like SQL injection.
Audit Metadata