best-practice

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references documentation from trusted organizations such as OWASP, W3C, Google, Vercel, and Meta to support its quality enforcement rules.- [DATA_EXFILTRATION]: Includes strong guidelines for secret management, explicitly instructing that credentials and private data must be excluded from source code, logs, and public artifacts.- [REMOTE_CODE_EXECUTION]: Proactively addresses software supply chain risks by recommending the use of OIDC trusted publishing, pinning dependency versions, and disabling install scripts where feasible.- [PROMPT_INJECTION]: Provides architectural strategies for AI agent safety, specifically advising on the use of delimiters and boundaries to separate system instructions from untrusted data.- [COMMAND_EXECUTION]: Enforces the principle of least privilege for CI/CD environments and warns against unsafe operations like force pushing without documented cause.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:35 AM
Security Audit — agent-trust-hub — best-practice