developing-fullstack-javascript
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive educational and instructional resource for full-stack JavaScript development. It does not contain any executable logic that poses a risk to the host environment.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private tokens were found. The skill follows best practices by instructing developers to use environment variables and secure secret management services for handling credentials.
- [DATA_EXFILTRATION]: No data exfiltration patterns were identified. Network operations described in the instructions are limited to legitimate application logic and do not attempt to access or leak sensitive system files.
- [PROMPT_INJECTION]: The skill does not contain instructions aimed at bypassing agent safety filters or overriding its core behavior.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piped shell scripts from unknown sources, are present. All mentioned package installations are standard for the development stack discussed.
- [COMMAND_EXECUTION]: The skill describes common development commands intended for use in a development workflow and does not exhibit malicious command injection patterns.
Audit Metadata