nodejs-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH | PROMPT_INJECTION | NO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill creates a high-severity vulnerability surface for indirect prompt injection. While the instructions promote good practices, the defined capability set allows an agent to process untrusted data from local files and perform side-effect-heavy write operations.
  - Ingestion points: The skill utilizes Read, Glob, and Grep tools to ingest content from arbitrary files within a project directory (e.g., source code, READMEs, or documentation).
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' markers when the agent processes these external files.
  - Capability inventory: The agent is granted Write and Edit permissions, allowing it to modify the file system based on its interpretation of the ingested data.
  - Sanitization: There are no instructions for sanitizing code comments, metadata, or documentation strings that might contain adversarial instructions intended to bypass the agent's logic.
Recommendations
- AI detected serious security threats
Audit Metadata