woo-security
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is purely instructional and promotes industry-standard security practices such as CSRF protection using nonces, role-based access control via capabilities, and proper data handling through sanitization and escaping.
- [SAFE]: The skill suggests using WebSearch and WebFetch to retrieve live documentation. While this creates a potential surface for indirect prompt injection, it is used for standard information gathering.
- Ingestion points: WebSearch and WebFetch results from search queries.
- Boundary markers: Absent.
- Capability inventory: Read, Write, Edit, Bash, Grep, Glob, WebSearch, and WebFetch tools.
- Sanitization: Not applicable as the skill provides instructions rather than processing live data.
Audit Metadata