security-best-practices
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains no executable scripts or binaries. It is composed of Markdown instructions, YAML configuration, and reference documentation designed to guide an AI agent through a security review process.
- [PROMPT_INJECTION]: No patterns were found that attempt to override AI safety guidelines, bypass instructions, or extract system prompts. The instructions focus purely on the intended app-security workflow.
- [DATA_EXFILTRATION]: There are no hardcoded credentials, access to sensitive system paths, or network exfiltration patterns. External URLs point to trusted, well-known documentation sources including OWASP, MDN, and GitHub.
- [REMOTE_CODE_EXECUTION]: The skill does not attempt to download or execute external scripts, and no dynamic code generation patterns were detected.
- [COMMAND_EXECUTION]: While standard file tools (Read, Bash, Edit) are included in the configuration, the instructions do not invoke dangerous commands or perform unauthorized system modifications.
Audit Metadata