kitcn
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents the use of standard development tools and libraries (Convex, Better Auth, Hono). All external package installations and command executions (e.g., `bunx kitcn dev`, `bunx convex dev`) are standard for the tech stack and target established developer services.
- [SAFE]: Data handling patterns emphasize security, including instructions for verifying signatures for external webhooks (Stripe, Discord, Polar) and using `ctx.orm` to enforce Row-Level Security (RLS) and constraints, while warning against the bypass capabilities of `ctx.db`.
- [SAFE]: Environment variable management is handled securely through guided setup and CLI tools like `kitcn env sync`, avoiding the use of hardcoded secrets or credentials.
- [SAFE]: Prompt injection risks are mitigated by the use of structured data (Zod schemas) for all inputs and outputs, and by providing explicit error handling patterns using `CRPCError`.
Audit Metadata