start-core/server-functions
Pass
Audited by Gen Agent Trust Hub on Jun 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation for building server-side functions with TanStack Start. It includes strong defensive security advice, warning against relying on route guards for RPC protection and preventing data leakage via improper cache configurations.\n- [EXTERNAL_DOWNLOADS]: The skill identifies and uses standard ecosystem packages including
@tanstack/react-start,@tanstack/react-router, andzod. These are well-known packages used within the intended framework's ecosystem.\n- [SAFE]: Indirect Prompt Injection surface analysis (Cat 8). Ingestion points:inputValidatorandFormDatain SKILL.md. Boundary markers: The skill mandates input validation and provides Zod examples. Capability inventory: Database access (db.query) and server context utilities. Sanitization: Zod schema validation is the recommended approach.
Audit Metadata