ts-agent-sdk

Fail

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The database client template ('templates/db/client.ts') uses 'child_process.execSync' to run 'wrangler' commands. It constructs these commands by interpolating SQL strings and parameters directly into a shell execution string. This pattern is a high-risk vector for command injection if the input provided to the SDK is not perfectly sanitized.
  • [DATA_EXFILTRATION]: The skill provides templates that configure the agent to send data to multiple external endpoints, including 'generativelanguage.googleapis.com' (Google Gemini), 'api.cloudflare.com' (Cloudflare Workers AI/D1), and various webhook URLs (Slack, n8n, Zapier). While these are functional, they represent a significant data exposure surface.
  • [EXTERNAL_DOWNLOADS]: The skill instructions and generated examples rely on 'npx' to fetch and execute remote packages ('tsx' and 'wrangler') from the npm registry at runtime, which introduces a dependency on external, third-party code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 10, 2026, 03:50 AM