api-design-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No security threats identified. The skill is limited to providing design principles and checklists.
- [NO_CODE]: The skill contains no executable logic, scripts, or automated tasks.
- [PROMPT_INJECTION]: The skill processes external API definitions for review, creating a surface for indirect prompt injection, but the absence of any functional capabilities (network, file system, or execution) renders this risk negligible.
- Ingestion points: API contract definitions and function signatures provided by the user in SKILL.md context.
- Boundary markers: Absent; no delimiters are defined to separate user input from system instructions.
- Capability inventory: None; no commands, file writes, or network requests are present in SKILL.md.
- Sanitization: Absent; the skill does not define methods for sanitizing user-provided API designs.
Audit Metadata