nest
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill focuses on established architectural patterns for the NestJS framework.
- [DATA_EXPOSURE]: The skill correctly recommends using environment variables via NestJS ConfigModule for managing secrets, rather than hardcoding them.
- [INDIRECT_PROMPT_INJECTION]: While the skill describes processing user input through DTOs, it explicitly enforces the use of
ValidationPipewithwhitelist: trueandclass-validatordecorators, which are standard security boundaries for preventing unexpected data ingestion. - [EXTERNAL_DOWNLOADS]: All external references point to official documentation (docs.nestjs.com) or well-known, trusted open-source repositories (typestack/class-validator).
Audit Metadata