typescript-expert
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands to perform project analysis and validation chores.
- Evidence: SKILL.md contains instructions for running diagnostic and build commands such as
npx tsc,npm test, andnpm run build. - Evidence: The
scripts/ts_diagnostic.pyscript usessubprocess.run(shell=True)to execute tools likegrepandnpx tsc --extendedDiagnosticsfor identifying code patterns and measuring performance. - [EXTERNAL_DOWNLOADS]: The skill uses package management tools to execute or fetch necessary development utilities.
- Evidence: SKILL.md suggests executing several tools via
npx(e.g.,ts-migrate,typesync,@typescript/analyze-trace), which can download packages from the npm registry if they are not already cached locally. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external project files to provide diagnostics.
- Ingestion points: Project configuration files (
package.json,tsconfig.json) and source code files within thesrc/directory are read and analyzed. - Boundary markers: No explicit delimiters or instructions are used to separate untrusted file content from the agent's logic during processing.
- Capability inventory: The skill can execute shell commands and build scripts, which could be influenced by malicious content in the ingested project files.
- Sanitization: Content from the analyzed files is processed for diagnostics without explicit sanitization or escaping, relying on the underlying tools' parsing logic.
Audit Metadata