d3fend-harden
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely informational and serves as a reference guide for security hardening. It does not perform any automated actions, command executions, or network requests.
- [EXTERNAL_DOWNLOADS]: The documentation references well-known security tools such as Semgrep, SonarQube, CodeQL, Bandit, and Gitleaks. These are mentioned in an educational context for static analysis and pre-commit checks.
- [CREDENTIALS_UNSAFE]: An example of a hardcoded credential ('sk-abc123') is present in the source code hardening reference. However, it is explicitly labeled as a 'Bad' practice and used for teaching purposes, which does not constitute a security risk.
Audit Metadata