vgv-static-security
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a collection of security best practices and code examples designed to help developers audit Flutter applications. It correctly identifies insecure patterns (like hardcoded keys) and provides secure alternatives.
- [EXTERNAL_DOWNLOADS]: The documentation references
osv-scanner, an official security tool from Google. All links point to trusted repositories or well-known development resources. - [COMMAND_EXECUTION]: The skill mentions standard development commands such as
flutter buildanddart pub, as well as security scanning commands. These are used for their intended purpose in a developer workflow. - [DATA_EXPOSURE]: While the skill contains examples of API keys and tokens, these are explicitly marked as dangerous/hardcoded examples for educational purposes and do not represent actual credentials used by the skill itself.
Audit Metadata