nodejs-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill possesses a high-risk vulnerability surface because it is designed to ingest external data and has the capability to modify the local environment.\n
- Ingestion points: The skill utilizes
Read,Glob, andGreptools to pull untrusted content from user-provided project files into the agent's reasoning context.\n - Boundary markers: There are no instructions or delimiters provided to separate the agent's primary instructions from potentially malicious code or comments within the files it processes.\n
- Capability inventory: The inclusion of
WriteandEdittools allows for persistent, side-effect-heavy actions on the host system, which could be exploited if an attacker successfully injects instructions via the codebase.\n - Sanitization: No mechanisms for sanitizing or validating external input are defined, leaving the agent vulnerable to following embedded instructions in external data.
Recommendations
- AI detected serious security threats
Audit Metadata