nestjs-typescript-starter
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [External Downloads] (LOW): The skill clones code from an external repository (
https://github.com/nestjs/typescript-starter.git). While the NestJS organization is highly reputable, it is not on the predefined list of trusted organizations for automatic downgrade to SAFE. - [Remote Code Execution] (LOW): The instruction to run
npm installfetches numerous third-party packages and may execute arbitrary lifecycle scripts (pre/post-install) during the setup process. - [Command Execution] (SAFE): The skill utilizes standard shell commands (
git clone,mv,rm,npm) to initialize a project. The usage is consistent with the described purpose of setting up a TypeScript starter template.
Audit Metadata