developing-genkit-js
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user and agent to install official Genkit components from the npm registry, including the
genkit-cliand various scoped plugins like@genkit-ai/google-genaiand@genkit-ai/next. These are recognized as legitimate tools from a trusted vendor. - [COMMAND_EXECUTION]: The skill relies on the
genkitCLI for essential development tasks such as reading documentation (genkit docs:read), executing flows for testing (genkit flow:run), and starting the development server with hot-reloading (genkit start -- npx tsx --watch). These commands are standard for the intended developer workflow. - [DATA_EXFILTRATION]: The documentation includes explicit security guidance advising against hardcoding sensitive credentials and recommending the use of environment variables for API key management, which aligns with industry best practices.
Audit Metadata