api-database-redis
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill promotes secure configuration by directing users to use environment variables like REDIS_URL and SESSION_SECRET instead of hardcoding sensitive credentials.
- [SAFE]: All demonstrated interactions with Redis use reputable and well-maintained libraries such as ioredis, node-redis, and BullMQ.
- [SAFE]: Dynamic code execution via Redis Lua scripts is implemented using proper parameterization with KEYS and ARGV, effectively preventing script injection vulnerabilities.
- [SAFE]: The examples for session management include standard security flags such as HttpOnly, SameSite, and secure cookies for production environments.
- [SAFE]: The skill provides explicit guidance on avoiding performance-killing and potentially blocking commands like KEYS in production, suggesting the safer scanStream alternative instead.
- [SAFE]: No malicious patterns, unauthorized remote downloads, or data exfiltration techniques were detected across any of the analyzed files.
Audit Metadata