rsdoctor-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE] (SAFE): No malicious code or patterns detected.
- [COMMAND_EXECUTION] (SAFE): The skill uses node scripts/rsdoctor.js for local data processing, which is standard for the tool's functionality.
- [EXTERNAL_DOWNLOADS] (SAFE): The mentioned npm packages are well-known and hosted on public registries.
- [DATA_EXPOSURE] (SAFE): The tool processes local build artifacts. The documentation correctly identifies the rsdoctor-data.json file as one that should be ignored by version control to prevent unnecessary data exposure.
- [INDIRECT_PROMPT_INJECTION] (SAFE): Although the agent processes external build data (rsdoctor-data.json), this is the primary purpose of the skill. In accordance with the use-case adjustment rule, this is categorized as safe. Evidence: 1. Ingestion point: dist/rsdoctor-data.json. 2. Boundary markers: Absent. 3. Capability inventory: node scripts/rsdoctor.js. 4. Sanitization: Absent.
Audit Metadata