fishjam
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation and reference toolkit for Software Mansion's Fishjam platform. A thorough analysis of all 50 files revealed no signs of prompt injection, data exfiltration, obfuscation, or other malicious behaviors.
- [EXTERNAL_DOWNLOADS]: The skill refers to official SDKs and repositories owned by Software Mansion (under the
fishjam-cloudGitHub organization andfishjam.iodomain). These includefishjam-server-sdkon PyPI and several@fishjam-cloud/packages on NPM. All referenced external resources are verified vendor assets used for legitimate platform integration. - [CREDENTIALS_UNSAFE]: The documentation explicitly enforces secure credential management. It identifies the 'management token' as a sensitive server-side secret and provides clear instructions to never expose it to client-side bundles. All code examples use environment variable placeholders (e.g.,
FISHJAM_MANAGEMENT_TOKEN,VITE_FISHJAM_ID) rather than hardcoded keys.
Audit Metadata