drf-best-practices
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a technical documentation and architectural guide for Python's Django REST Framework. It does not contain any executable scripts or malicious instructions.
- [SAFE]: Security-focused patterns are explicitly encouraged, such as scoping querysets to the current user (preventing IDOR vulnerabilities) and implementing object-level permissions.
- [SAFE]: The skill recommends using DRF's built-in security features, including authentication classes, permission classes, and throttling, to protect APIs from unauthorized access and denial-of-service attacks.
- [SAFE]: Data validation practices are emphasized by recommending thin serializers and explicit field definitions over the dangerous '__all__' shortcut; listing fields explicitly prevents accidental data leakage when model schemas change.
Audit Metadata