javascript-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documents the installation of the @inferencesh/sdk package from the NPM registry, along with other standard libraries such as express, hono, zod, and @upstash/ratelimit for server-side proxying and validation.
- [COMMAND_EXECUTION]: The skill has permissions to execute npm, npx, node, pnpm, and yarn commands, which are necessary for the development and deployment of JavaScript-based AI applications.
- [REMOTE_CODE_EXECUTION]: Documentation within references/tool-builder.md and references/agent-patterns.md highlights features for runtime code execution. Specifically, it demonstrates enabling codeExecution for agents and includes an example using eval() for a calculator tool. While shown in a technical context, these patterns allow for dynamic execution of content generated by or provided to the AI.
- [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection by creating agents that process untrusted data.
  - Ingestion points: Data enters the system via agent.sendMessage and client.uploadFile (e.g., references/files.md).
  - Boundary markers: The provided patterns do not explicitly demonstrate the use of delimiters or 'ignore' instructions for external data.
  - Capability inventory: Agents have access to codeExecution, webhookTool for external API calls, and various platform-hosted AI applications.
  - Sanitization: Code examples do not show explicit sanitization or validation of tool arguments before processing.
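The eval()-based calculator pattern flagged under REMOTE_CODE_EXECUTION, placed next to a hardened replacement that also covers the Sanitization point above (tool arguments validated before use). This is an added example written for this audit page; it is not code from the audited skill or from @inferencesh/sdk. The tool-function shape `{ expression }`, the function names, and the injected sample input are assumptions for illustration.

```javascript
// Added example, not the skill's or the SDK's own code. Tool-function names
// and the `{ expression }` argument shape are assumptions for illustration.

// VULNERABLE (the pattern the audit describes): the model-supplied string is
// handed straight to eval(), so a tool call whose argument was steered by an
// injected document runs arbitrary JavaScript in the agent's process.
function evalCalculator({ expression }) {
  // eslint-disable-next-line no-eval
  return String(eval(expression));
}

// HARDENED: validate the argument, tokenize it against an allow-list of
// digits and arithmetic operators, and evaluate with a recursive-descent
// parser. Anything that is not plain arithmetic is rejected, never executed.
function tokenize(src) {
  const tokens = [];
  let i = 0;
  while (i < src.length) {
    const ch = src[i];
    if (ch === " ") { i += 1; continue; }
    if ("+-*/()".includes(ch)) { tokens.push(ch); i += 1; continue; }
    const m = /^\d+(?:\.\d+)?/.exec(src.slice(i));
    if (!m) throw new Error(`unexpected character ${JSON.stringify(ch)} at offset ${i}`);
    tokens.push(Number(m[0]));
    i += m[0].length;
  }
  return tokens;
}

function parseExpression(tokens) {
  let pos = 0;
  const peek = () => tokens[pos];
  const next = () => tokens[pos++];

  function expr() {            // expr := term (('+' | '-') term)*
    let value = term();
    while (peek() === "+" || peek() === "-") {
      const op = next();
      const rhs = term();
      value = op === "+" ? value + rhs : value - rhs;
    }
    return value;
  }
  function term() {            // term := factor (('*' | '/') factor)*
    let value = factor();
    while (peek() === "*" || peek() === "/") {
      const op = next();
      const rhs = factor();
      if (op === "/" && rhs === 0) throw new Error("division by zero");
      value = op === "*" ? value * rhs : value / rhs;
    }
    return value;
  }
  function factor() {          // factor := '-' factor | '(' expr ')' | number
    const t = next();
    if (t === "-") return -factor();
    if (t === "(") {
      const v = expr();
      if (next() !== ")") throw new Error("expected ')'");
      return v;
    }
    if (typeof t === "number") return t;
    throw new Error(`unexpected token ${JSON.stringify(t)}`);
  }

  const result = expr();
  if (pos !== tokens.length) throw new Error("trailing input after expression");
  return result;
}

function safeCalculator({ expression }) {
  // Argument validation the audit notes is missing from the documented examples.
  if (typeof expression !== "string" || expression.length > 200) {
    throw new Error("expression must be a string of at most 200 characters");
  }
  return String(parseExpression(tokenize(expression)));
}

// Structured wrapper for callers that prefer a result object over exceptions.
function tryCalculate(expression) {
  try {
    return { ok: true, value: safeCalculator({ expression }) };
  } catch (err) {
    return { ok: false, error: err.message };
  }
}

// Constructed sample: a benign request and one shaped like an injected payload.
console.log(evalCalculator({ expression: "2*(3+4)" }));         // "14"
console.log(evalCalculator({ expression: "[].constructor.name" })); // "Array": eval reached the runtime
console.log(tryCalculate("2*(3+4)"));                             // { ok: true, value: "14" }
console.log(tryCalculate("[].constructor.name"));                 // { ok: false, error: ... }
```

The hardened version keeps the tool's contract (a string in, a numeric string out) while collapsing its capability to arithmetic only; the same validate-then-parse shape applies to any tool that today passes model output to eval(), new Function(), or a shell.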
Audit Metadata