security-headers-audit
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and perform analysis on untrusted project configuration files and application source code.
- Ingestion points: The workflow identifies and reads various framework configuration files such as nginx.conf, app.js, settings.py, and pom.xml (SKILL.md).
- Boundary markers: No explicit boundary markers or instructions to ignore embedded directives are provided to protect the agent while processing these files.
- Capability inventory: The skill generates detailed security findings and remediation code snippets based on the input data (SKILL.md).
- Sanitization: There is no evidence of input validation or content sanitization for the data ingested during the audit process.
Audit Metadata