api-generator
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill instructions. The instructions emphasize incremental, additive changes and strictly follow existing project conventions.
- [PROMPT_INJECTION]: While the skill processes user-provided API specifications which could serve as an indirect injection vector, the risk is mitigated by a mandatory 'Plan Mode' requiring human approval before code generation occurs.
- Ingestion points: Processes user-supplied API methods, paths, and schemas defined in Phase 3 and Interview Mode.
- Boundary markers: Implements a mandatory Phase 2 'Plan Mode' and requires explicit user approval before execution.
- Capability inventory: Generates (writes) request functions, types, mock handlers, and test artifacts.
- Sanitization: Relies on human-in-the-loop verification of the generated plan to prevent unintended modifications.
Audit Metadata