nestjs-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill primarily consists of architectural guidelines and code examples in Markdown format. No malicious instructions or hidden payloads were found within the documentation.
- [COMMAND_EXECUTION]: The skill includes a local build script (
scripts/build-agents.ts) that uses the standard Node.jsfsmodule to read markdown files and write the compiled output toAGENTS.md. This behavior is restricted to the local directory and is necessary for the skill's documented build process. - [EXTERNAL_DOWNLOADS]: The skill defines development dependencies in
scripts/package.json(such astypescriptandts-node) which are standard tools for running TypeScript scripts. These are resolved through the official NPM registry. - [DATA_EXPOSURE]: While some rules (e.g.,
security-auth-jwt.md) contain examples of hardcoded secrets, these are clearly marked as 'Incorrect' examples for educational purposes and do not represent active credentials or security risks to the user environment.
Audit Metadata