api-framework-hono
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive security guidance for API development using the Hono framework.
- [SAFE]: It explicitly addresses and provides mitigations for JWT algorithm confusion vulnerabilities (CVE-2026-22817 and CVE-2026-22818) by requiring explicit algorithm declarations.
- [SAFE]: The logging examples include robust PII (Personally Identifiable Information) sanitization logic to ensure compliance with privacy regulations like GDPR.
- [SAFE]: The skill promotes strict schema validation using Zod, which serves as a primary defense against malformed input and injection attempts.
- [SAFE]: It provides clear guidance on secure CORS configurations, specifically warning against the dangerous use of wildcard origins combined with credentials.
Audit Metadata