error-handling

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • Log Sanitization and Redaction: The skill implements a multi-layer defense strategy to prevent sensitive data—such as passwords, tokens, and API keys—from appearing in server logs. It utilizes a global safety net along with explicit utility functions to redact identified patterns from strings and dictionaries.
  • Secure Error Propagation: The framework enforces a policy of sanitizing error messages before they reach the frontend. This prevents the exposure of raw stack traces, connection strings, or internal application details to the end user, mitigating information disclosure risks.
  • Input Sanitization for External Data: The skill includes mechanisms to classify and sanitize error messages originating from external providers (like LLMs or database connectors). This helps ensure that content derived from external sources is handled safely before being processed or displayed.
  • Structured Error Protocol: By standardizing error shapes and HTTP status codes, the skill maintains clear boundaries between application-level validation and system-level failures, which promotes consistent and secure error processing across the application stack.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 07:53 AM