security-baseline
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as an educational framework and checklist for establishing web application security baselines, focusing on transport security, HTTP headers, authentication, input handling, and secrets management.
- [SAFE]: References to external auditing tools such as securityheaders.com and observatory.mozilla.org are directed towards well-known, reputable security benchmarking services.
- [SAFE]: The guidance on secrets management explicitly advises against hardcoding credentials in code or configuration files and recommends the use of dedicated secrets managers.
- [SAFE]: Content Security Policy (CSP) recommendations align with modern security standards, including the use of strict, nonce-based policies to mitigate XSS risks.
- [SAFE]: No executable code, remote script downloads, or obfuscated patterns were found in the skill or its reference files.
Audit Metadata