javascript-strict

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructional content aimed at improving code quality and security in JavaScript (Node.js) environments.
  • [SAFE]: It explicitly warns against and provides alternatives for dangerous functions such as eval(), new Function(), and innerHTML, which are primary vectors for injection and XSS attacks.
  • [SAFE]: The skill promotes secure secret management by instructing developers to use environment variables (.env files) and process-level environment access instead of hardcoding sensitive credentials.
  • [SAFE]: It correctly identifies security-sensitive operations, such as generating tokens, and recommends using the cryptographically secure node:crypto module over non-secure alternatives like Math.random().
  • [SAFE]: The documentation includes guidance on using modern Node.js features like the permission model (--permission) to restrict filesystem and network access, supporting the principle of least privilege.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:20 PM
Security Audit — agent-trust-hub — javascript-strict