typescript-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The script
scripts/ts_diagnostic.pyusessubprocess.run(shell=True)to call tools such asnpx,node, andgrep. While the command strings are static, shell execution and dependency on the local environment can be exploited if the environment or project configuration is maliciously crafted. - [PROMPT_INJECTION] (LOW): The script ingests data from local files like
package.json,tsconfig.json, and source files. Evidence: 1. Ingestion points:package.json,tsconfig.json, andsrc/*.tsinscripts/ts_diagnostic.py. 2. Boundary markers: Not used. 3. Capability inventory:subprocess.runinscripts/ts_diagnostic.py. 4. Sanitization: None. This ingestion could allow an attacker to inject instructions via file content that appear in the diagnostic output for the agent to consume.
Audit Metadata