Skills
skills/baotoq/agent-skills/typescript-expert/Gen Agent Trust Hub

typescript-expert

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The script scripts/ts_diagnostic.py utilizes subprocess.run(cmd, shell=True) to perform project analysis.
  • Evidence: Multiple calls to run_cmd execute commands like npx tsc, node, and grep. Using shell=True is a security anti-pattern that can be vulnerable to environment-based command injection if the environment variables or local file names are manipulated.
  • [EXTERNAL_DOWNLOADS] (LOW): The script relies on npx to execute the TypeScript compiler.
  • Evidence: run_cmd("npx tsc --version"). If the typescript package is missing in the local environment, npx will attempt to download it from the npm registry at runtime, introducing a remote dependency fetch.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The diagnostic script processes data from external, potentially untrusted sources (project files) and outputs them to the agent console.
  • Ingestion points: package.json, tsconfig.json, and source files in the src/ directory via grep and json.load.
  • Boundary markers: Absent. The script prints raw tool output and file contents directly to stdout.
  • Capability inventory: subprocess.run (shell execution), file system read access.
  • Sanitization: None. The script does not escape or validate the content of the files it reads before displaying them to the agent, which could allow an attacker to embed malicious instructions in a package.json description or source code comment.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:32 PM