nodejs-expert

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is strictly instructional, providing guidelines for high-quality Node.js software engineering without including any executable scripts or hidden commands.
  • [SAFE]: Includes a dedicated 'Security' section that promotes secure coding practices, such as using crypto.timingSafeEqual() for secrets, avoiding eval(), and employing the Node.js Permission Model (--permission) for sandboxing.
  • [SAFE]: Encourages the use of native Node.js APIs over external npm packages (e.g., node:test, fetch, node:crypto), which reduces the potential attack surface related to third-party dependency vulnerabilities.
  • [SAFE]: Recommends production-grade security measures like running npm audit, using npm ci in CI/CD pipelines, and pinning exact dependency versions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 06:34 AM