univer-node-backend

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and code examples for running Univer in a Node.js backend environment contain no malicious patterns or security risks.
  • [COMMAND_EXECUTION]: The usage of child_process.fork() for delegating formula calculation to worker processes is a standard Node.js pattern for efficient resource management and is used correctly here.
  • [EXTERNAL_DOWNLOADS]: The skill correctly identifies and uses official NPM packages from the @univerjs and @univerjs-pro namespaces, which are recognized for the spreadsheet engine's functionality. References to external data URLs are used for illustrative purposes for data import features.
  • [CREDENTIALS_UNSAFE]: The documentation promotes safe credential handling by using environment variables (process.env.UNIVER_LICENSE) for license keys, ensuring that sensitive information is not hardcoded within the source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 03:15 AM
Security Audit — agent-trust-hub — univer-node-backend