tanstack-start-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive guidelines for secure full-stack development. It explicitly mandates Zod schema validation of server-function input, so malformed or hostile data is rejected at the server boundary before it can cause injection or data-integrity problems.
- [SAFE]: Session management advice follows industry standards, recommending the HttpOnly, Secure and SameSite cookie attributes: HttpOnly keeps the session token out of reach of script injected via XSS, Secure restricts it to HTTPS, and SameSite limits the cookie being sent on cross-site requests, which mitigates CSRF.
- [SAFE]: Environment variable handling patterns emphasize the separation of server-side secrets from client-side public configuration, using validation to ensure a secure and stable configuration at runtime.
- [SAFE]: Authentication practices include the use of layout-level route protection and middleware to ensure that sensitive data is only accessible to authenticated and authorized users.
- [SAFE]: The skill advises on proper error handling to ensure that detailed server-side error messages (e.g., database stack traces) are sanitized before being sent to the client, preventing information disclosure.
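The following is an added example, not code from the audited skill, from TanStack or from Zod. It is dependency-free TypeScript that models the patterns the findings above describe (error sanitization, server-boundary input validation, session cookie attributes, and public/server environment separation) so it can run offline. The TanStack Start server-function and cookie APIs that would call these helpers are assumed rather than shown, the hand-rolled `parseCreatePost` check stands in for the Zod schema the skill mandates, and the `VITE_` prefix rule is Vite's own convention for client-exposed variables; all names here are illustrative.

```typescript
// Added example (not code from the audited skill, TanStack or Zod). Dependency-free
// TypeScript modelling the four patterns the audit lists; the TanStack Start server
// functions and cookie APIs that would call these helpers are assumed, not shown.

// 1. Error handling: the client gets a fixed message and a request id, the server log
//    gets the real error. Only ClientSafeError (validation, auth) is shown verbatim.
export interface ClientError { message: string; code: string; requestId: string }

export class ClientSafeError extends Error {
  readonly code: string;
  constructor(message: string, code: string) {
    super(message);
    this.name = "ClientSafeError";
    this.code = code;
  }
}

export function toClientError(err: unknown, requestId: string, log: (line: string) => void): ClientError {
  if (err instanceof ClientSafeError) return { message: err.message, code: err.code, requestId };
  // Driver messages, stack traces and connection strings stay server-side.
  const detail = err instanceof Error ? `${err.name}: ${err.message}\n${err.stack ?? ""}` : String(err);
  log(`[${requestId}] unhandled server error: ${detail}`);
  return { message: "Something went wrong. Please try again.", code: "INTERNAL_ERROR", requestId };
}

// 2. Input validation at the server-function boundary. A hand-rolled check stands in
//    for the Zod schema the skill mandates so this file has no dependencies; rejects
//    are ClientSafeError, so the caller learns which field failed and nothing else.
export interface CreatePostInput { title: string; body: string }

export function parseCreatePost(data: unknown): CreatePostInput {
  if (typeof data !== "object" || data === null) throw new ClientSafeError("expected an object", "VALIDATION");
  const { title, body } = data as Record<string, unknown>;
  if (typeof title !== "string" || title.trim().length === 0 || title.length > 200) {
    throw new ClientSafeError("title must be 1-200 characters", "VALIDATION");
  }
  if (typeof body !== "string" || body.length > 20000) {
    throw new ClientSafeError("body must be a string of at most 20000 characters", "VALIDATION");
  }
  return { title: title.trim(), body };
}

// 3. Session cookie: HttpOnly keeps the value out of document.cookie (session theft via
//    XSS), Secure limits it to HTTPS, SameSite limits cross-site sends (CSRF), Max-Age
//    bounds the session lifetime. secure:false is for plain-http local development only.
export interface CookieOptions { maxAgeSeconds: number; sameSite?: "Lax" | "Strict"; secure?: boolean }

export function buildSessionCookie(name: string, value: string, opts: CookieOptions): string {
  // Separators in the name or value would let a controlled value inject extra attributes.
  if (/[;,\s=]/.test(name) || /[;,\s]/.test(value)) throw new Error("illegal character in cookie name or value");
  const parts = [
    `${name}=${value}`,
    "Path=/",
    `Max-Age=${Math.max(0, Math.floor(opts.maxAgeSeconds))}`,
    "HttpOnly",
    `SameSite=${opts.sameSite ?? "Lax"}`,
  ];
  if (opts.secure !== false) parts.push("Secure");
  return parts.join("; ");
}

// 4. Environment separation: Vite bundles VITE_-prefixed variables into the client, so
//    everything else is server-only. Required server keys are checked once at startup,
//    and a secret-looking name carrying the public prefix is rejected before it ships.
export interface SplitEnv { publicEnv: Record<string, string>; serverEnv: Record<string, string> }

export function splitEnv(env: Record<string, string | undefined>, required: readonly string[]): SplitEnv {
  const publicEnv: Record<string, string> = {};
  const serverEnv: Record<string, string> = {};
  for (const [key, value] of Object.entries(env)) {
    if (value === undefined) continue;
    if (key.startsWith("VITE_")) publicEnv[key] = value;
    else serverEnv[key] = value;
  }
  const missing = required.filter((k) => !serverEnv[k]);
  if (missing.length > 0) throw new Error(`missing required server env: ${missing.join(", ")}`);
  const leaked = Object.keys(publicEnv).filter((k) => /SECRET|TOKEN|PASSWORD/i.test(k));
  if (leaked.length > 0) throw new Error(`secret-looking env exposed to client: ${leaked.join(", ")}`);
  return { publicEnv, serverEnv };
}
```

In a real handler the flow is: call `parseCreatePost` on the incoming payload, do the work, and wrap the whole body in a try/catch whose catch returns `toClientError(err, requestId, console.error)`; a database connection failure then reaches the browser only as `INTERNAL_ERROR` plus the request id, while the validation error for an empty title is returned as written. `splitEnv` is meant to run once at process start so a missing `DATABASE_URL` or a `VITE_SESSION_SECRET` fails the boot rather than the first request.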