skills/sebas-aikon-intelligence/antigravity-awesome-skills/nodejs-best-practices/Gen Agent Trust Hub
nodejs-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8).
- Ingestion points: Untrusted data enters the agent's context through the
Read,Grep, andGlobtools when analyzing local project files. - Boundary markers: Absent. There are no instructions or delimiters defined to prevent the agent from obeying malicious commands hidden in code comments or documentation within the analyzed files.
- Capability inventory: The skill has
WriteandEditcapabilities, meaning an injection in a processed file could trick the agent into deleting code, inserting backdoors, or corrupting the project. - Sanitization: No sanitization is performed on file contents before they are processed by the agent's reasoning engine.
Recommendations
- AI detected serious security threats
Audit Metadata