Skills
skills/laurigates/claude-plugins/nodejs-development/Gen Agent Trust Hub

nodejs-development

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The REFERENCE.md file includes an instruction to run the Node.js inspector bound to all network interfaces (node --inspect=0.0.0.0:9229). This is a security risk as it allows anyone with network access to the machine to connect to the debugger and execute arbitrary code within the context of the application.
  • [DATA_EXFILTRATION]: The REFERENCE.md file provides examples of generating heap snapshots using v8.writeHeapSnapshot(). Heap snapshots contain a full dump of the application's memory, which can contain sensitive information such as environment variables, private keys, or user data that could be exposed if the snapshots are not handled securely.
  • [EXTERNAL_DOWNLOADS]: The skill references and encourages the use of several external tools and packages, including 0x, Vitest, Playwright, and Biome. While these are legitimate tools, they represent external dependencies that are downloaded and executed as part of the development workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 01:24 PM