javascript
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns detected across the 10 threat categories. The instructions focus on promoting secure coding practices (e.g., input sanitization, environment variables, security headers).
- [COMMAND_EXECUTION] (LOW): The skill lists standard development commands such as
npm installandnode script.js. These are provided as usage examples for the developer and do not involve piped remote execution or suspicious payloads. - [INDIRECT_PROMPT_INJECTION] (LOW): While the skill targets JavaScript and TypeScript files (
**.js,ts), it functions as a reference guide for the agent's behavior. It lacks the combined capability to execute untrusted data and perform dangerous network or file operations based on that data.
Audit Metadata