javascript-sdk

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • DATA_EXFILTRATION (HIGH): The documentation for @inferencesh/sdk in 'references/files.md' states that 'Local file paths in input are automatically uploaded (Node.js)'. Because the upload is triggered implicitly by path-like strings anywhere in the input, rather than by an explicit, caller-controlled file parameter, any untrusted data that reaches the input (user-supplied fields, tool results, or text injected into an agent prompt) can name a sensitive file such as '~/.ssh/id_rsa' or '/etc/passwd', and the SDK will read it from the local disk and send it to the remote inference service. Callers must validate or allow-list path-like values before the input is passed to the SDK.
  • COMMAND_EXECUTION (MEDIUM): 'references/sessions.md' and 'references/streaming.md' document 'Browser Automation' and 'Tool Calling' capabilities that let the agent click, type and take screenshots in a browser. These are intended for automation, but they are high-privilege actions performed with whatever access the browser session holds: if the agent or its instructions are compromised, they give an attacker a broad surface for unauthorized interaction with web services.
  • EXTERNAL_DOWNLOADS (LOW): The documentation requires installing the '@inferencesh/sdk' package via npm. Since the '@inferencesh' npm scope is not on the 'Trusted External Sources' list, the package must be manually audited for its network and file-system behavior (install-time lifecycle scripts included) before use, even though it is a core requirement of the skill.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:01 PM