rails-concern
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructional templates for Rails developers to extract shared behavior into modules (concerns).
- [COMMAND_EXECUTION]: The skill uses the Bash tool restricted to
bundle exec rspec, which is a standard and expected practice for the documented TDD workflow. No arbitrary command execution was detected. - [DATA_EXPOSURE]: No hardcoded credentials, sensitive file access, or unauthorized network operations were found. The file paths mentioned are standard Rails directory structures (
app/models/concerns/,spec/models/). - [INDIRECT_PROMPT_INJECTION]: The skill acts as a template generator based on user input. While it facilitates writing and executing code (
Write,Bash), it does so within the context of standard development tasks. No specific vulnerabilities were identified beyond the inherent risk of an agent generating code from user instructions.
Audit Metadata