12-factor-app-modernization

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is primarily instructional, offering guidance on refactoring code for cloud-native environments.
  • [DATA_EXPOSURE]: The skill promotes secure practices by identifying hardcoded connection strings and credentials as high-priority risks and providing patterns for externalizing them using environment variables and Kubernetes Secrets.
  • [COMMAND_EXECUTION]: Standard development tools such as git, npm, docker, and kubectl are used for inventory and validation. These commands are consistent with the skill's stated purpose of application modernization and containerization.
  • [EXTERNAL_DOWNLOADS]: Includes instructions for installing tini (an init system for containers) from official package repositories and cloning repositories for analysis.
  • [INDIRECT_PROMPT_INJECTION]: While the skill involves cloning and analyzing external repositories (an attack surface for indirect prompt injection), it provides a structured framework for analysis rather than autonomous execution of the code's logic, mitigating the risk factor.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 12:17 AM
Security Audit — agent-trust-hub — 12-factor-app-modernization