Skills
NYC
skills/spillwavesolutions/mastering-typescript-skill/mastering-typescript/Gen Agent Trust Hub

mastering-typescript

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOW
Full Analysis
  • [Data Exposure & Exfiltration] (INFO): The validate-setup.sh script reads local project metadata files such as package.json, tsconfig.json, and eslint.config.js. This is strictly for diagnostics and does not include access to sensitive system directories or external exfiltration.
  • [Dynamic Execution] (LOW): The script uses node -p to evaluate a small snippet of JavaScript for the purpose of extracting the version number from node_modules/typescript/package.json. This is a standard development practice and operates only on local, expected files.
  • [Unverifiable Dependencies] (LOW): The ESLint template references standard industry packages (@eslint/js and typescript-eslint). These are well-known and expected in the context of TypeScript development.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 15, 2026, 11:09 PM