412-frameworks-quarkus-panache
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local Maven commands (`./mvnw compile` and `./mvnw clean verify`) to validate the project state before and after applying changes. This is standard behavior for Java development tasks and necessary for verifying code integrity.
- [SAFE]: The skill explicitly promotes security best practices by instructing the agent to prevent JPQL injection. It mandates the use of positional or named parameters instead of unsafe string concatenation when building queries.
- [SAFE]: The skill provides guidance on preventing accidental data exposure. It recommends using DTO projections via the `project(Class)` method to ensure only necessary fields are exposed at API boundaries, preventing the leaking of sensitive internal entity data.