transformers-js
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches machine learning models from the official Hugging Face Hub. This is a trusted source for model weights and configuration.
- [EXTERNAL_DOWNLOADS]: References dependencies from the official NPM registry and well-known JSDelivr CDN. These are standard distribution channels for JavaScript libraries.
- [DATA_EXPOSURE]: Utilizes a local cache directory (defaults to ./.cache or ~/.cache/huggingface/) to store downloaded models. This is standard behavior for the Transformers.js library to optimize performance and minimize redundant downloads.
- [COMMAND_EXECUTION]: Provides instructions for running inference tasks using the pipeline API. No arbitrary command execution patterns or privilege escalation attempts were detected.
- [PROMPT_INJECTION]: As a tool designed to process arbitrary data through machine learning models, the skill presents a surface for indirect prompt injection.
  - Ingestion points: The pipeline function in SKILL.md accepts untrusted text, image, and audio data for analysis or generation.
  - Boundary markers: Examples do not demonstrate the use of delimiters or "ignore" instructions for processed content.
  - Capability inventory: Inference is performed via WebAssembly or WebGPU; the skill also interacts with the local filesystem for caching (references/CACHE.md).
  - Sanitization: No sanitization or input validation logic is present in the provided examples.
Audit Metadata