Skills
skills/genkit-ai/skills/developing-genkit-js/Gen Agent Trust Hub

developing-genkit-js

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill manages the local development environment by installing the genkit-cli via npm install -g. It also executes development-specific commands such as genkit start for the developer UI and genkit flow:run for testing application logic.\n- [EXTERNAL_DOWNLOADS]: Necessary development tools and plugins, including genkit-cli and @genkit-ai/google-genai, are downloaded from the npm registry to support project requirements.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it integrates data from external documentation and user queries into its operational workflow.\n
  • Ingestion points: Documentation content fetched via genkit docs:read and genkit docs:search (SKILL.md, references/docs-and-cli.md).\n
  • Boundary markers: None identified.\n
  • Capability inventory: Command execution (npm install, genkit start), and file system write operations (references/setup.md).\n
  • Sanitization: Content from documentation is processed without explicit sanitization. This is considered standard for the skill's role as a technical assistant.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 09:20 PM