fix-js-globals
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and refactor user-provided JavaScript source code. This creates a potential surface for Indirect Prompt Injection, where instructions embedded within comments or string literals in the analyzed code could attempt to manipulate the agent's logic during the refactoring process.
- Ingestion points: Local JavaScript files (
.js) and UI5 project configuration files (manifest.json,Component.js). - Boundary markers: The instructions do not specify the use of data delimiters or security-focused ignore-instructions to isolate the code being analyzed from the agent's command context.
- Capability inventory: The skill leverages the agent's ability to read from and write to the local file system to apply modernization fixes.
- Sanitization: No specific content validation or sanitization of the input source code is defined in the instructions.
Audit Metadata