web-agency
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a sophisticated hierarchical orchestration model that separates strategic decisions from operational processes and technical implementation, ensuring a clear chain of command.
- [SAFE]: Security best practices are documented in Architecture Decision Records, most notably ADR-004, which prohibits the automatic sending of deliverables and requires explicit human validation for all client-facing outputs.
- [SAFE]: The provided Node.js test suites are used for structural validation and routing integrity. They do not introduce external dependencies or execute untrusted remote code.
- [SAFE]: Data processing workflows (e.g., email-to-devis) use structured data extraction and validation logic to manage untrusted inputs, reducing the risk of indirect prompt injection compared to simple text interpolation.
- [SAFE]: No patterns of data exfiltration, hardcoded credentials, or obfuscated content were found during the analysis of the 80 files comprising the skill.
Audit Metadata