orpc-docs
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation repository for the oRPC framework. It contains markdown files with architectural explanations, code snippets, and integration guides for multiple platforms (Node.js, Bun, Deno, Next.js, etc.).
- [PROMPT_INJECTION]: The SKILL.md contains a directive: 'CRITICAL: grep references/ for keywords before answering.' This is a standard instructional pattern for RAG (Retrieval-Augmented Generation) tasks, directing the agent to search the documentation references to provide accurate answers, and does not constitute a malicious override of safety filters.
- [EXTERNAL_DOWNLOADS]: The documentation references numerous npm packages and official technology domains (e.g., github.com, ai-sdk.dev, sentry.io, tanstack.com). These references are part of the instructions for developers to build applications using the library and do not involve silent or malicious background downloads.
- [SAFE]: Code examples provided in the documentation use clear placeholders for sensitive information, such as 'your-secret-key' or 'Bearer token'. No hardcoded credentials or malicious logic were observed in the code snippets.
- [SAFE]: The skill provides extensive documentation on security best practices, including CSRF protection, rate limiting, and secure cookie management, which indicates a focus on helping users build secure applications.
Audit Metadata