backstage
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for local configuration generation and does not perform network requests or execute arbitrary commands.
- [DATA_EXFILTRATION]: The skill reads local project metadata (e.g., Jira keys, Sentry slugs) from .mcpcontext to populate the catalog file. This data is handled locally and is not sent to external servers.
- [PROMPT_INJECTION]: The skill processes content from repository files which could be manipulated (Indirect Prompt Injection). The risk is minimal as the output is restricted to a specific YAML schema.
- Ingestion points: backstage.yaml, .mcpcontext, and code files like package.json (SKILL.md)
- Boundary markers: Absent
- Capability inventory: Write tool used to create the catalog file (SKILL.md)
- Sanitization: None specified for the read file content
Audit Metadata