node
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as an educational guide and reference for Node.js development. It promotes security best practices, such as environment variable validation using Zod or TypeBox and the use of dedicated secrets management services (AWS Secrets Manager, HashiCorp Vault) rather than hardcoding credentials.
- [SAFE]: All external libraries mentioned (e.g., Fastify, Pino, Autocannon, Close-with-grace) are standard, high-quality, and widely used in the industry. Many are part of the 'mcollina' ecosystem, consistent with the skill's authorship.
- [SAFE]: The code snippets provided are illustrative and follow standard patterns for HTTP servers, stream processing, and testing. There is no evidence of malicious command execution, data exfiltration, or obfuscation.
- [SAFE]: Instructions for diagnosing flaky tests and profiling applications use standard Node.js flags and reputable benchmarking tools like autocannon and k6.
Audit Metadata