integrate-zod-env
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The file
references/.env.example.templatecontains example environment variables with placeholder secrets (e.g.,BETTER_AUTH_SECRET=your-secret-key-here). These are standard documentation practices and do not constitute a leak of sensitive production data.\n- [PROMPT_INJECTION]: The skill is designed to ingest and process user-provided.env.examplefiles to generate validation code. This is the primary function of the skill; however, it represents a potential surface for indirect prompt injection if the source data is compromised.\n - Ingestion points: Content from user-provided
.env.examplefiles.\n - Boundary markers: The skill does not define specific delimiters for isolating ingested data during the generation process.\n
- Capability inventory: The skill generates TypeScript code files but does not execute them or perform network requests.\n
- Sanitization: No sanitization is performed on the input file content before it is processed by the agent.
Audit Metadata