bx-esapi
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional, detailing the use of the `bx-esapi` module for BoxLang. It includes installation instructions using standard package managers for the ecosystem (`install-bx-module` and `box install`).
- [SAFE]: All functions described (e.g., `encodeForHTML`, `encodeForJavaScript`, `htmlSanitize`) are security utilities designed to mitigate common web vulnerabilities. The documentation actively encourages security best practices, such as context-aware output encoding and using parameterized queries instead of manual SQL encoding.
- [SAFE]: No malicious patterns such as prompt injection, data exfiltration, obfuscation, or unauthorized remote code execution were detected. The external resource `bx-esapi` aligns with the author's namespace (`ortus-boxlang`).
Audit Metadata