12-factor-app-modernization
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily instructional, offering guidance on refactoring code for cloud-native environments.
- [DATA_EXPOSURE]: The skill promotes secure practices by identifying hardcoded connection strings and credentials as high-priority risks and providing patterns for externalizing them using environment variables and Kubernetes Secrets.
- [COMMAND_EXECUTION]: Standard development tools such as
git,npm,docker, andkubectlare used for inventory and validation. These commands are consistent with the skill's stated purpose of application modernization and containerization. - [EXTERNAL_DOWNLOADS]: Includes instructions for installing
tini(an init system for containers) from official package repositories and cloning repositories for analysis. - [INDIRECT_PROMPT_INJECTION]: While the skill involves cloning and analyzing external repositories (an attack surface for indirect prompt injection), it provides a structured framework for analysis rather than autonomous execution of the code's logic, mitigating the risk factor.
Audit Metadata