barcode-capture-web
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill references official Scandit domains (docs.scandit.com) and GitHub repositories (github.com/Scandit) for all API documentation and code samples.
- [SAFE]: Hardcoded credential detection is negative; the skill correctly uses placeholders like '-- ENTER YOUR SCANDIT LICENSE KEY HERE --' and directs users to the official Scandit dashboard for secure key management.
- [SAFE]: All identified dependencies, including the @scandit/web-datacapture scoped packages, are legitimate vendor-owned libraries consistent with the skill's stated purpose and authorship.
- [SAFE]: Static findings regarding instruction concealment are false positives; the instructions for the agent to prioritize skill-provided references over internal training data are standard practices for ensuring API accuracy and do not represent malicious behavior.
Audit Metadata