nodejs-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is susceptible to indirect prompt injection because it processes untrusted external data (project files) and has capabilities to modify the filesystem.
- Ingestion points: The skill uses
Read,Glob, andGreptools to pull external file content into the agent's context. - Boundary markers: No delimiters or explicit instructions to ignore embedded commands within the analyzed code are provided.
- Capability inventory: The skill utilizes
WriteandEdittools, granting it the power to alter the workspace based on its analysis. - Sanitization: There is no logic present to sanitize or escape instructions found within the code being reviewed.
- [Data Exposure & Exfiltration] (SAFE): The skill correctly identifies environment variables and secrets management as critical security principles but does not attempt to access or exfiltrate sensitive files itself.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): While the skill mentions various npm packages (e.g., Fastify, Zod, Helmet), it does so for architectural advice and does not perform runtime installations or remote script executions.
Recommendations
- AI detected serious security threats
Audit Metadata