Skills
skills/auth0/agent-skills/auth0-java-mvc-common/Gen Agent Trust Hub

auth0-java-mvc-common

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the latest release version tag from the official Auth0 repository on GitHub to ensure the application uses current and secure dependencies.
  • [COMMAND_EXECUTION]: Utilizes local build systems like Maven and Gradle, along with the Auth0 CLI, to automate application setup and verification.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where external version data from GitHub influences project configuration. 1. Ingestion points: SDK version tag fetched in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: gh, gradlew, and mvn subprocess calls in SKILL.md; auth0 CLI calls in references/setup.md. 4. Sanitization: Absent.
  • [SAFE]: Encourages secure credential management by instructing users to utilize environment variables or git-ignored configuration files instead of hardcoding sensitive secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 08:45 PM
Security Audit — agent-trust-hub — auth0-java-mvc-common