typescript-pro
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No direct malicious patterns, obfuscation, or data exfiltration attempts were found. The skill follows standard operational guidelines for a development assistant.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted project data.
- Ingestion points: The skill analyzes
tsconfig.json,package.json, build configurations, and source code files from the project environment. - Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when reading project files.
- Capability inventory: The agent is instructed to use tools including
tsc,eslint,prettier,jest,webpack,vite, andtsx. - Sanitization: No sanitization or validation logic is defined for the content processed from project files.
- [REMOTE_CODE_EXECUTION]: No unauthorized remote code execution or untrusted downloads were detected. The listed MCP tools are standard development utilities.
- [DATA_EXFILTRATION]: No access to sensitive system paths or external network requests targeting non-whitelisted domains were identified.
Audit Metadata