api-design
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill is entirely composed of informational markdown files and architectural advice.
- [CREDENTIALS_UNSAFE]: Example tokens and keys provided in the documentation are clearly marked placeholders or benign examples (e.g., '9f1c-…' and a base64-encoded cursor token 'eyJ0cyI6...') and do not contain real secrets.
- [PROMPT_INJECTION]: The skill documents how to handle untrusted client input via APIs. 1. Ingestion points: API request bodies and parameters described in SKILL.md and references. 2. Boundary markers: Use of stable error envelopes and validation is recommended. 3. Capability inventory: The skill contains no code or subprocess capabilities. 4. Sanitization: The documentation explicitly advises on request validation and payload limits.
Audit Metadata