api-design

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues were detected. The skill is entirely composed of informational markdown files and architectural advice.
  • [CREDENTIALS_UNSAFE]: Example tokens and keys provided in the documentation are clearly marked placeholders or benign examples (e.g., '9f1c-…' and a base64-encoded cursor token 'eyJ0cyI6...') and do not contain real secrets.
  • [PROMPT_INJECTION]: The skill documents how to handle untrusted client input via APIs. 1. Ingestion points: API request bodies and parameters described in SKILL.md and references. 2. Boundary markers: Use of stable error envelopes and validation is recommended. 3. Capability inventory: The skill contains no code or subprocess capabilities. 4. Sanitization: The documentation explicitly advises on request validation and payload limits.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 07:49 PM
Security Audit — agent-trust-hub — api-design