nodejs-backend
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides high-quality security guidance, including the use of security headers (Helmet), rate limiting, and robust input validation at API boundaries using Zod.
- [SAFE]: Authentication patterns described are standard and secure, recommending short-lived access tokens, revocable refresh tokens, and strong password hashing (bcrypt or argon2).
- [SAFE]: The documentation emphasizes validating third-party API responses as untrusted data, which is a key defense against indirect prompt injection and data integrity issues.
- [SAFE]: Production resilience patterns such as fail-fast environment validation, health checks, and circuit breakers (Opossum) are correctly implemented in the guidance.