spring-boot-data-access

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill contains instructional content focused on Spring Boot development best practices. No attempts to override system prompts, bypass safety filters, or extract system instructions were found.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive file paths, hardcoded credentials, or unauthorized network operations were detected. Recommendations like disabling open-in-view and avoiding production ddl-auto=create reflect standard security best practices.
  • [OBFUSCATION]: No encoded strings (Base64), zero-width characters, or homoglyph substitutions were identified in the source files.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill mentions standard enterprise libraries such as Spring Data JPA, Hibernate, HikariCP, Flyway, and Liquibase. There are no patterns involving remote script execution or unverifiable package installations.
  • [PRIVILEGE_ESCALATION]: No commands related to privilege escalation (e.g., sudo, chmod) or unauthorized permission modifications were found.
  • [INDIRECT_PROMPT_INJECTION]: While the skill is designed to process user-provided Java source files (Repositories and Entities), it does not possess dangerous capabilities like arbitrary code execution, file writing, or network exfiltration that could be exploited via malicious data ingestion.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:03 PM
Security Audit — agent-trust-hub — spring-boot-data-access