arkiv-best-practices
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access attempts were detected in the skill's instructions or referenced documentation.
- [DATA_EXPOSURE]: The skill follows security best practices by explicitly instructing developers to load sensitive credentials like private keys from environment variables rather than hardcoding them in the source code.
- [EXTERNAL_DOWNLOADS]: The skill references the official Arkiv SDK and established libraries such as TanStack Query and Zod from reputable package registries (NPM) and well-known CDNs (ESM.sh).
- [INDIRECT_PROMPT_INJECTION]: The skill acknowledges the risks of processing untrusted data from a decentralized network and provides comprehensive patterns for using schema validation libraries (Zod, Valibot) to sanitize and verify the integrity of external payloads before they are used by the application.
Audit Metadata