velt-proxy-server-best-practices
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the official Velt SDK package ('@veltdev/react') and provides configuration for proxying traffic to well-known and trusted services including Google APIs, Firebase, and Velt's own infrastructure. These references are standard for the skill's stated purpose.
- [COMMAND_EXECUTION]: The skill contains static nginx configuration examples for setting up reverse proxies. These are provided as educational code blocks and do not involve the execution of shell commands by the agent.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. The skill correctly uses industry-standard placeholders like 'YOUR_API_KEY' for configuration examples.
- [PROMPT_INJECTION]: The instructions are focused on technical implementation details and do not contain any patterns attempting to override agent behavior or bypass safety guidelines.
- [OBFUSCATION]: No obfuscated code, hidden characters, or encoded strings were detected in any of the analyzed files.
- [INDIRECT_PROMPT_INJECTION]: The skill does not possess an attack surface for indirect prompt injection as it does not ingest or process untrusted external data.
Audit Metadata