jscodeshift
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns of instruction override, role-play injection, or system prompt extraction were found in the skill or its metadata.
- [Data Exposure & Exfiltration] (SAFE): Analysis of code snippets and configuration files reveals no hardcoded secrets, sensitive path access, or unauthorized network requests.
- [Obfuscation] (SAFE): No use of Base64, zero-width characters, homoglyphs, or other encoding techniques intended to hide malicious content.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references the well-known
jscodeshiftlibrary. No patterns of piping remote content to a shell or downloading executable scripts were found. - [Indirect Prompt Injection] (SAFE): The skill describes processes for ingesting and transforming source code. It provides extensive patterns for sanitization and error handling.
- Ingestion points: Source code content passed to
transformer(file, api)functions as seen inreferences/parser-export-declaration.md. - Boundary markers: Examples do not include specific delimiters, but the guide focuses on structured AST manipulation rather than raw string interpolation.
- Capability inventory: Scripts perform AST-to-source transformations using
root.toSource(). - Sanitization: Promotes defensive patterns in
references/filter-nullish-checks.mdand graceful error handling inreferences/test-parse-errors.md. - [Dynamic Execution] (SAFE): Uses standard jscodeshift template literals for AST node creation (e.g., in
references/codegen-template-literals.md). No unsafe deserialization or library injection techniques were detected.
Audit Metadata