objectstack-plugin
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and configuration resource for the ObjectStack microkernel architecture. It contains Zod schemas for validation and markdown files explaining plugin development best practices.
- [SAFE]: The provided code examples (such as
AuditPlugin) demonstrate standard software development patterns like logging and event hooks within a controlled framework. They do not perform unsafe operations like arbitrary command execution or unauthorized data access. - [SAFE]: The skill mentions 'preview' mode in the kernel context which allows bypassing authentication for demo purposes, but it explicitly includes security notes and schemas (
PreviewModeConfigSchema) stating that this mode must never be used in production environments. - [SAFE]: All external package references (e.g.,
@objectstack/core,@objectstack/spec,vitest) are standard development dependencies related to the authoring organization or well-known testing frameworks. - [SAFE]: The feature flag system and service registry patterns follow industry-standard practices for gradual rollouts and dependency management.
Audit Metadata