managing-user-sessions
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious instructions or bypass attempts were detected in the skill content or frontmatter.
- [DATA_EXFILTRATION]: No unauthorized data access or transmission patterns were found. The skill correctly demonstrates using environment variables and encryption for sensitive token handling.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets or API keys are present. The examples use placeholders and standard secret management practices (e.g.,
process.env.NODE_ENV). - [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping network downloads to shells, were detected.
- [COMMAND_EXECUTION]: No arbitrary shell command execution patterns were found.
- [INDIRECT_PROMPT_INJECTION]: The skill generates code that handles untrusted input (HTTP cookies). However, it implements a robust security chain:
- Ingestion points: Cookies are retrieved via framework-standard methods (e.g.,
req.cookiesin Express,request.cookiesin Flask). - Boundary markers: The logic explicitly validates tokens through the vendor SDK before proceeding.
- Capability inventory: The generated code is limited to session state management and calls to the Scalekit SDK for validation/refresh.
- Sanitization: Tokens are decrypted and validated against the Scalekit API, preventing unauthorized data from influencing application logic.
- [DYNAMIC_EXECUTION]: The skill provides static code templates for various frameworks. No unsafe dynamic execution (e.g.,
eval(),exec()) or runtime compilation is suggested. - [EXTERNAL_DOWNLOADS]: No external package installations or script downloads are triggered by the skill.
Audit Metadata