Skills
skills/takazudo/jlcpcb-parts-finder-skill/jlcpcb-component-finder/Gen Agent Trust Hub

jlcpcb-component-finder

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill instructs the agent to execute a local Node.js script (query.js) and optionally the standard sqlite3 CLI tool to perform database searches. This is the core intended functionality and does not involve arbitrary command execution or shell injection vulnerabilities.
  • DATA_EXFILTRATION (SAFE): The skill accesses a local database file (~/.jlcpcb-db/cache.sqlite3) containing electronic component data. There are no network operations, credential access patterns, or exfiltration vectors detected in the code.
  • REMOTE_CODE_EXECUTION (SAFE): The skill uses the standard better-sqlite3 package. No dynamic code execution from remote sources or eval/exec patterns were found in the provided JavaScript code.
  • PROMPT_INJECTION (SAFE): No evidence of malicious instructions designed to bypass agent safety filters or override system prompts was found in the skill documentation or metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:40 PM