security-best-practices

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill contains no executable scripts or binaries. It is composed of Markdown instructions, YAML configuration, and reference documentation designed to guide an AI agent through a security review process.
  • [PROMPT_INJECTION]: No patterns were found that attempt to override AI safety guidelines, bypass instructions, or extract system prompts. The instructions focus purely on the intended app-security workflow.
  • [DATA_EXFILTRATION]: There are no hardcoded credentials, access to sensitive system paths, or network exfiltration patterns. External URLs point to trusted, well-known documentation sources including OWASP, MDN, and GitHub.
  • [REMOTE_CODE_EXECUTION]: The skill does not attempt to download or execute external scripts, and no dynamic code generation patterns were detected.
  • [COMMAND_EXECUTION]: While standard file tools (Read, Bash, Edit) are included in the configuration, the instructions do not invoke dangerous commands or perform unauthorized system modifications.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:07 AM
Security Audit — agent-trust-hub — security-best-practices