Skills
skills/keep-starknet-strange/starkzap/typescript-expert/Gen Agent Trust Hub

typescript-expert

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard development commands such as npx tsc, npm test, and node to diagnose project issues and validate code. These commands are localized to the project environment and are routine for this domain.
  • [EXTERNAL_DOWNLOADS]: The instructions and the ts_diagnostic.py script utilize npx to run various TypeScript-related tools (e.g., vitest, ts-migrate, typesync). These downloads originate from the well-known npm registry and are standard for development workflows.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes project files such as package.json and source code. Ingestion points: Project configuration files (package.json, tsconfig.json) and source files in the src/ directory. Boundary markers: None explicitly defined to separate instructions from code data. Capability inventory: Execution of shell commands via npx, npm, and node. Sanitization: The skill does not perform explicit validation or sanitization of project file contents before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 02:47 AM