adonisjs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill references third-party Node.js packages like @adocasts.com/dto and @nemoventures/adonis-jobs which are not from the pre-defined trusted sources list.
- COMMAND_EXECUTION (LOW): Workflows involve executing local commands such as node ace and pnpm for development and testing tasks.
- PROMPT_INJECTION (LOW): The skill exhibits a surface for indirect prompt injection by processing external code and developer requirements. 1. Ingestion points: User-provided feature requirements and code blocks. 2. Boundary markers: Absent in prompt templates. 3. Capability inventory: Command execution via node ace and pnpm. 4. Sanitization: Emphasizes VineJS validation for application input.
Audit Metadata