electron-pro
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill addresses features that handle external data, such as Deep Linking and IPC Communication.
- Ingestion points: URL protocol handlers (app.on('open-url')) and IPC listeners (ipcMain.handle) defined in main.ts.
- Boundary markers: The architecture selection framework explicitly mandates 'Context Isolation' and 'Preload Scripts' as security bridges to mitigate risks.
- Capability inventory: Access to system APIs via IPC, worker thread management, and URI protocol registration.
- Sanitization: The skill advises on auditing the IPC surface and defines Content Security Policy (CSP) as a mandatory collaborative step.
Audit Metadata