relay
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily instructional and design-oriented, providing secure architectural patterns for messaging integrations.
- [SAFE]: It explicitly mandates security controls such as HMAC-SHA256 signature verification over raw request bytes and timing-safe comparisons to prevent timing attacks.
- [SAFE]: The documentation includes strict 'Never' constraints against dangerous practices like using
eval()orexec(), accepting unsigned webhooks, or processing unbounded payloads. - [SAFE]: It incorporates robust reliability patterns including exponential backoff with jitter, circuit breakers, and mandatory Dead Letter Queue (DLQ) strategies.
- [SAFE]: References to external services and SDKs (e.g., Slack, Discord, Vercel, Stripe) involve well-known technology providers and official repositories.
Audit Metadata