calculator
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities were found in the source code. The core logic uses standard JavaScript operators and avoids dangerous functions.
- [PROMPT_INJECTION]: Indirect prompt injection evaluation. 1. Ingestion points: process.argv[2] in scripts/cli.ts. 2. Boundary markers: JSON array structure. 3. Capability inventory: Basic arithmetic (add, subtract, multiply, divide); no system, file, or network access. 4. Sanitization: Input validation via JSON.parse and mapping to static operator functions. Severity is SAFE due to zero capability for system impact.
Audit Metadata