jwt-token-validator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill lacks defenses against malicious instructions embedded in the data it is designed to analyze.
- Ingestion points: JWT tokens and authentication patterns provided by the user in response to triggers.
- Boundary markers: Absent. There are no delimiters or instructions to treat token content as untrusted data.
- Capability inventory: The skill allows
Bash(npm:*),Write,Read, andGrep, providing a significant impact surface if an injection occurs. - Sanitization: Absent. No validation or escaping of the input content is defined before the agent processes the tokens.
Audit Metadata