010107-code-quality
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference guide for developers to implement security best practices, such as input validation with Zod, SQL injection prevention using parameterized queries, and secure logging.
- [SAFE]: The documentation includes dummy credentials (e.g., 'sk-1234567890abcdef') specifically used as negative examples to demonstrate insecure coding practices; these do not represent actual secrets or valid API keys.
- [SAFE]: The validation script (
scripts/validate.py) performs static analysis of TypeScript and configuration files in a local directory. It reads file content to check for coding standards and potential hardcoded secrets without performing network operations, writing to the filesystem, or executing external commands.
Audit Metadata