using-typescript-lsp
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill is designed to analyze untrusted code provided by the user. 1. Ingestion points: .ts, .js, and related files. 2. Boundary markers: Managed via the LSP plugin interface. 3. Capability inventory: Uses read-only semantic operations (findReferences, hover, getDiagnostics) which do not permit file modification or network access. 4. Sanitization: N/A for this use case.
- [External Downloads] (SAFE): Mentions standard installation of well-known 'typescript' and 'typescript-language-server' packages via npm as a prerequisite.
- [Prompt Injection] (SAFE): No malicious prompt injection or override patterns detected.
Audit Metadata