flutter-architecture
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: Data Security: The skill recommends using
flutter_secure_storagefor managing sensitive data, which is a key security best practice in Flutter development.- [EXTERNAL_DOWNLOADS]: Dependency Management: The workflow includes querying thepub-devMCP to retrieve package metadata. As this involves a well-known community registry, it is considered a safe operation.- [INDIRECT_PROMPT_INJECTION]: Context Ingestion: The skill reads application requirements fromdocs/product/app_brief.md. While this ingestion point allows untrusted data into the prompt, the skill's functionality is limited to architecture planning and does not include execution capabilities. Ingestion points:docs/product/app_brief.mdin SKILL.md; Boundary markers: Absent; Capability inventory: Generating architecture documentation and project scaffolding; Sanitization: Absent.
Audit Metadata