javascript-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [SAFE]: The skill follows established patterns for SDK documentation and does not contain any detected malicious instructions, obfuscated code, or unauthorized data access.
- [EXTERNAL_DOWNLOADS]: The documentation references official packages and repositories for the inference.sh platform, including @inferencesh/sdk on the npm registry and sub-skills from the inference-sh GitHub organization. These downloads are standard for the skill's primary function.
- [COMMAND_EXECUTION]: The skill's configuration allows for the use of shell commands through the Bash tool to manage JavaScript dependencies and run Node.js applications. This is a fundamental requirement for the documented SDK usage.
- [REMOTE_CODE_EXECUTION]: Reference materials include an example of using the eval() function to implement a calculator tool. This is provided as an educational implementation detail rather than executable code shipped with the skill.
- [NO_CODE]: No executable script files (.js, .py, .sh) or binaries are included in the skill; it is comprised entirely of Markdown-based documentation and code snippets.
Audit Metadata