411-frameworks-quarkus-jdbc

Pass

Audited by Gen Agent Trust Hub on Jul 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of local build tools (./mvnw compile and ./mvnw clean verify) to validate the project state. These are standard developer operations intended to ensure functional integrity during refactoring.
  • [PROMPT_INJECTION]: The skill processes untrusted external code for review, creating an indirect prompt injection surface.
  • Ingestion points: Project source files and user-provided code context.
  • Boundary markers: None identified in the instructional text for analyzed code blocks.
  • Capability inventory: File read/write access and shell execution (via Maven).
  • Sanitization: The skill advocates for sanitization in the generated code (parameterized queries) but does not explicitly sanitize the inputs it processes for analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 11, 2026, 05:56 PM
Security Audit — agent-trust-hub — 411-frameworks-quarkus-jdbc