010112-typescript-rules

Pass

Audited by Gen Agent Trust Hub on Jul 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary purpose is educational, providing guidelines and code examples for TypeScript development. The instructions promote secure coding practices such as strict type checking, avoiding 'any', and using Zod for boundary validation.
  • [COMMAND_EXECUTION]: The provided script 'scripts/validate.py' performs basic static analysis by reading local TypeScript files and counting occurrences of certain patterns like ': any' and 'enum'. This behavior is limited to the local directory, does not involve network access, and is consistent with the skill's stated purpose of enforcing coding standards.
  • [EXTERNAL_DOWNLOADS]: The documentation mentions standard package management commands (e.g., 'npm install typescript') in the context of project setup and migration. No automated or hidden downloads from untrusted sources are performed by the skill itself.
  • [DATA_EXFILTRATION]: No evidence of credential harvesting or data exfiltration was found. Code examples use relative API paths (e.g., '/api/users') for demonstration purposes only.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 8, 2026, 12:19 PM
Security Audit — agent-trust-hub — 010112-typescript-rules