Skills
skills/inferen-sh/skills/javascript-sdk/Gen Agent Trust Hub

javascript-sdk

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation references the installation of the @inferencesh/sdk NPM package and the use of npx to fetch additional skills from the inference-sh/skills repository. These are verified as vendor-specific resources.
  • [COMMAND_EXECUTION]: The documentation includes code examples demonstrating the use of eval() to evaluate mathematical expressions within a custom tool. This pattern is shown for educational purposes but represents a dynamic execution vector if used with unsanitized input.
  • [REMOTE_CODE_EXECUTION]: The skill describes the activation of built-in codeExecution capabilities and the configuration of webhookTool components, which allow AI agents to interact with external environments and APIs as part of their intended functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 09:55 PM