316-frameworks-spring-mongodb-migrations-mongock

Pass

Audited by Gen Agent Trust Hub on Jul 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard build commands like ./mvnw compile and mvn clean verify to validate the application state during migration configuration. These actions are aligned with the skill's primary purpose of maintaining project stability.
  • [EXTERNAL_DOWNLOADS]: The skill manages official Maven dependencies (e.g., io.mongock, org.testcontainers) from established registries. It incorporates a specific 'EXTERNAL RUNTIME GATE' to ensure Docker images are only pulled with explicit user approval and from policy-approved sources.
  • [PROMPT_INJECTION]: The skill processes project configuration files and source code which constitutes an indirect prompt injection surface. The risk is mitigated by mandatory build verification. Ingestion points: pom.xml, dependency management, and source files. Boundary markers: absent. Capability inventory: command execution and file system modification. Sanitization: absent, relies on compilation results.
  • [SAFE]: The instructions emphasize safety and stability, enforcing idempotency and compatibility between Spring Boot versions and Mongock drivers. No malicious patterns such as exfiltration, obfuscation, or persistence were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 11, 2026, 05:56 PM
Security Audit — agent-trust-hub — 316-frameworks-spring-mongodb-migrations-mongock