javascript-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the @inferencesh/sdk package from the official NPM registry. This is a verified vendor resource necessary for the SDK's core functionality.
- [COMMAND_EXECUTION]: The configuration permits the use of package management tools (npm, yarn, pnpm, npx) and the node runtime environment, which are required for JavaScript development and running the provided SDK examples.
- [DATA_EXFILTRATION]: The documentation explicitly promotes security best practices, such as using environment variables for API keys and implementing server-side proxies to prevent credential leakage in browser-based applications.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access behaviors were detected across the skill's instructions or reference files.
Audit Metadata