spring-boot
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard enterprise development patterns for Spring Boot 3.x that align with security best practices.
- [COMMAND_EXECUTION]: The instructions include standard Maven wrapper (./mvnw) commands for building and testing, which is expected behavior for Java development.
- [DATA_EXPOSURE]: Security constraints in the skill emphasize the importance of externalizing secrets and avoiding hardcoded credentials in properties files.
- [REMOTE_CODE_EXECUTION]: Dependencies such as the PostgreSQL image for Testcontainers are pulled from well-known registries, and no unverified remote code execution was found.
- [PROMPT_INJECTION]: The skill defines clear boundaries for untrusted data ingestion via REST controllers and mandates the use of Jakarta Validation constraints and @Valid annotations to sanitize external input.
Audit Metadata