stimulus
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and code patterns for Stimulus JS development within the Rails ecosystem. No malicious patterns or security vulnerabilities were identified in the instructions or code references.
- [SAFE]: Included code examples follow security best practices, such as incorporating CSRF tokens (from Rails meta tags) in
fetchrequests and performing proper resource cleanup (clearing intervals and removing event listeners) in thedisconnect()lifecycle callback to prevent memory leaks. - [SAFE]: The skill uses scoped and standard Rails CLI tools for generating controllers and updating manifests, which are typical for development workflows and do not introduce arbitrary command execution risks.
- [SAFE]: No obfuscation, prompt injection, or unauthorized network operations were detected. All external library references (e.g., flatpickr, @hotwired/stimulus) are standard, well-known packages in the web development ecosystem.
Audit Metadata