upstash-qstash-js
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the official Upstash QStash SDK (@upstash/qstash) and the common dotenv utility from the standard NPM registry, which are expected and safe dependencies for this functionality.\n- [COMMAND_EXECUTION]: The skill includes a local utility script verify-multi-region-setup.ts designed to validate environment variables. This script is intended for developer use and safely masks sensitive values before outputting them to the console, performing no network operations.\n- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill correctly implements security measures such as HMAC signature verification for incoming messages and recommends the use of environment variables for managing credentials.
Audit Metadata