nodejs-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is entirely composed of Markdown files providing educational guidance and code patterns for Node.js and Fastify applications. There are no executable scripts or malicious automation behaviors.
- [EXTERNAL_DOWNLOADS] (SAFE): The README and examples reference standard, reputable open-source libraries such as
fastify,zod,pino, andioredis. No suspicious or unverified third-party dependencies are requested for installation within the skill's logic. - [REMOTE_CODE_EXECUTION] (SAFE): No patterns of remote script fetching or dynamic execution (e.g.,
curl | bash,eval) were found. Code examples are provided as static text for agent instruction. - [DATA_EXFILTRATION] (SAFE): There are no commands that attempt to access sensitive system files or send data to external domains. Example connection strings use
localhostplaceholders. - [PROMPT_INJECTION] (SAFE): No instructions designed to override agent safety filters or extract system prompts were detected in the skill definition or rule files.
Audit Metadata