ctfd
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks detected in the skill instructions or provided commands.
- [COMMAND_EXECUTION]: Includes standard, expected commands for Docker management (
docker compose), Python testing (pytest), and Flask database migrations (flask db upgrade) within the context of CTFd operations. - [DYNAMIC_EXECUTION]: Describes a legitimate technical pattern for loading Python plugins with hyphens in their directory names using
importlib, which is a common workaround for Python module naming limitations. - [SAFE]: Provides proactive security advice, such as using
CTFd.utils.crypto.hash_password()and properly managing theSECRET_KEYand CSRF tokens to maintain the security of the CTFd instance.
Audit Metadata