javascript-pro
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical reference for JavaScript and Node.js development. All analyzed patterns are consistent with the stated purpose of assisting with software engineering tasks.
- [COMMAND_EXECUTION]: references/node-essentials.md contains documentation for child_process.exec, spawn, and execFile. These are standard Node.js APIs for executing system commands in a development context.
- [EXTERNAL_DOWNLOADS]: The skill includes documentation for the fetch API in references/browser-apis.md and the http module in references/node-essentials.md for network communication.
- [DATA_EXFILTRATION]: File system access via fs/promises is documented in references/node-essentials.md, which is a standard capability for Node.js backend development.
- [PROMPT_INJECTION]: An indirect injection surface is present. Ingestion points: references/browser-apis.md (fetch) and references/node-essentials.md (readFile). Boundary markers: None. Capability inventory: child_process.exec, spawn, and writeFile in references/node-essentials.md. Sanitization: Not explicitly implemented in the reference snippets. This surface is a result of providing comprehensive development documentation.
Audit Metadata