zhin-error-handling
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard imports from '@zhin.js/core' and 'zhin.js'. These are expected dependencies for a skill targeting the Zhin framework. No remote scripts or unauthorized downloads are present.
- [DATA_EXFILTRATION] (SAFE): Analysis of the code snippets shows no attempts to access sensitive system files or credentials. Network calls mentioned (e.g., fetchExternalAPI) are generic placeholders used in documentation context.
- [PROMPT_INJECTION] (SAFE): The instructions are strictly technical and educational. There are no attempts to override agent behavior or bypass safety filters.
- [REMOTE_CODE_EXECUTION] (SAFE): No dynamic code execution (eval, exec) or piping of remote content into shells was found. The code examples are static templates for developers.
- [FALSE POSITIVE ANALYSIS] (INFO): The automated scan alert for 'plugin.logger.info' is a false positive. The scanner incorrectly identified a standard JavaScript method call as a malicious URL.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata