typescript-expert
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on shell command execution for its core functionality. It uses a Python diagnostic script (scripts/ts_diagnostic.py) and bash snippets in SKILL.md to interact with the environment, check tool versions, and perform type checking using tools like npx and npm.
- [EXTERNAL_DOWNLOADS]: The skill makes use of npx to execute well-known development tools such as tsc, vitest, ts-migrate, and typesync, which are retrieved from the public npm registry.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its project-scanning features.
- Ingestion points: The agent scans the project's src/ directory using grep and the TypeScript compiler, and parses configuration files like package.json and tsconfig.json.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present when reading external file content.
- Capability inventory: The skill can execute arbitrary shell commands and run JavaScript code via node -e.
- Sanitization: No sanitization or filtering is performed on the data read from the filesystem before it is presented to the agent.
Audit Metadata