nodejs-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes shell commands (
node -v,npm -v) and inline Node.js scripts (node -e) exclusively for environment and framework detection. These operations are standard for development tools and do not involve untrusted inputs or high-privilege operations. - [DATA_EXFILTRATION] (SAFE): Filesystem access is limited to standard project configuration files such as
package.json,pnpm-lock.yaml, andyarn.lock. No sensitive user data, credentials, or system files are accessed or transmitted. - [REMOTE_CODE_EXECUTION] (SAFE): No remote script downloads (e.g., via
curlorwget) or execution of untrusted remote code were detected. The skill does not attempt to install any external packages. - [PROMPT_INJECTION] (SAFE): No instructions designed to override agent safety protocols or ignore previous guidelines were found in the markdown or metadata.
Audit Metadata