javascript-pro
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM | PROMPT_INJECTION | DATA_EXFILTRATION | EXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill is designed to analyze untrusted user content such as source code, package manifests, and project requirements to perform development tasks.
  1. Ingestion points: User-provided requirements, package.json files, and existing JavaScript source code (referenced in the 'Core Workflow' of SKILL.md).
  2. Boundary markers: Absent. There are no instructions or delimiters provided to distinguish between system instructions and content derived from user data.
  3. Capability inventory: The skill supports and demonstrates the use of network access via the Fetch API (references/browser-apis.md) and file system operations via fs/promises (referenced in SKILL.md).
  4. Sanitization: Absent. No logic is provided to validate or escape external content before processing.
- External Downloads (LOW): The skill references the installation of standard dependencies and the use of external polyfills such as @js-temporal/polyfill (references/modern-syntax.md). This represents a routine dependency risk but is not an immediate execution threat.
Audit Metadata