quarkus
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a technical reference library. It provides high-quality guidance on architecting Quarkus applications with a focus on security best practices, such as discouraging the storage of secrets in version control.
- [SAFE]: Configuration examples for security modules (OIDC, JWT, WebAuthn) use standard placeholders or well-known documentation sample strings. No production-sensitive credentials or keys are hardcoded.
- [SAFE]: Command-line examples utilize official Quarkus CLI and build tool (Maven/Gradle) commands. Installation instructions point to official repositories and well-known package managers (SDKMAN!, Homebrew, Chocolatey).
- [SAFE]: Dependencies referenced throughout the skill (e.g., SmallRye, Hibernate, Vert.x) are official extensions part of the Quarkus ecosystem.
- [SAFE]: No obfuscation, dynamic code execution, or privilege escalation patterns were detected. The documentation promotes secure patterns such as using @CheckedTemplate for type-safe rendering and managing schema evolutions with versioned migrations.
Audit Metadata