polar-migration
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of official libraries such as
@polar-sh/sdkandstripefrom the NPM registry. - [DATA_EXFILTRATION]: Correctly identifies that sensitive API keys and secrets should be managed through environment variables (
process.env.STRIPE_SECRET_KEY,process.env.POLAR_ACCESS_TOKEN, etc.) rather than hardcoded. - [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping network requests to a shell or using dynamic execution functions like
eval, were detected. - [PROMPT_INJECTION]: The skill does not contain instructions designed to override agent behavior, bypass safety protocols, or leak system prompts.
- [COMMAND_EXECUTION]: Shell commands are limited to standard package management (
npm install).
Audit Metadata