security-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a knowledge base and template repository for application security. It provides high-quality guidance on using established libraries like Zod, Pydantic, Argon2, and Microsoft Presidio to prevent common vulnerabilities.
- [COMMAND_EXECUTION]: The skill includes a helper script `scan-vulnerabilities.sh` designed to run local security tools (npm audit, pip-audit, bandit). This script is implemented following safe practices, such as using hardcoded shell scripts to parse tool output rather than dynamic execution of untrusted data.
- [EXTERNAL_DOWNLOADS]: Documentation within the skill correctly references standard package installation commands for security dependencies (e.g., `pip install llm-guard`, `npm install zod`). These are informational and point to reputable package registries.
- [PROMPT_INJECTION]: The skill contains advanced patterns for defending against prompt injection, specifically through the 'Context Separation' architecture and the `SafePromptBuilder` template, which audits prompts for identifiers before sending them to an LLM.
Audit Metadata