fastapi-templates
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided project requirements and constraints to generate implementation patterns, creating an indirect prompt injection surface.
- Ingestion points: Instructions in
SKILL.mdrequire clarifying user goals and inputs which are then used to shape the generated FastAPI code. - Boundary markers: No explicit boundary markers or instructions are provided to distinguish between the skill's trusted templates and untrusted user-provided content.
- Capability inventory: The skill generates complete Python files, including database logic, API routes, and security middleware.
- Sanitization: The playbook does not specify sanitization or validation methods for user-supplied data before it is interpolated into the code structure.
- [SAFE]: The implementation patterns utilize industry-standard security practices, such as using environment variables via
pydantic-settingsfor managing sensitive keys likeSECRET_KEY. - [SAFE]: Authentication and security logic leverage reputable libraries including
passlib(with bcrypt) for hashing andpython-josefor secure JWT handling.
Audit Metadata