node-npm-environment
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill involves reading external project data such as package.json and npm output, which can be controlled by an attacker to influence the agent.
  - Ingestion points: package.json content and npm command output.
  - Boundary markers: Absent; no explicit delimiters or instructions to ignore embedded commands are provided.
  - Capability inventory: The skill can execute arbitrary scripts via npm run and install packages via npm install.
  - Sanitization: Absent; no input validation is mentioned for external project data.
- Command Execution (SAFE): The skill uses standard local commands for node and npm management (e.g., node -v, which node, nvm use). This is consistent with the skill's primary purpose.
- External Downloads (SAFE): Package installation via npm is a standard feature and is used here in its intended context without links to unknown or untrusted external sources.
Audit Metadata