nodejs
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides detailed instructions on implementing secure backend systems using standard Node.js and Bun frameworks.
- [SAFE]: Mandates the use of Zod for input validation at all system boundaries (HTTP, CLI, Environment variables) to prevent common injection and data corruption attacks.
- [SAFE]: Recommends secure cryptographic practices, such as using Argon2 for password hashing and properly configured JWTs with short-lived access tokens.
- [SAFE]: Includes specific guidelines for Docker security, emphasizing multi-stage builds and the explicit use of non-root users (USER app/bun).
- [SAFE]: Explicitly forbids dangerous practices such as the use of eval(), hardcoding secrets in code, and using child_process.exec() with user-supplied input.
Audit Metadata