nodejs-best-practices
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely informational and provides architectural guidance for developers.
- [PROMPT_INJECTION]: No malicious injection patterns, role-play overrides, or attempts to bypass safety filters were detected.
- [DATA_EXFILTRATION]: No hardcoded credentials or sensitive file access patterns are present. The skill correctly instructs to store secrets in environment variables.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any remote code downloads or execution. It mentions various Node.js frameworks as architectural recommendations rather than executing installation commands.
- [COMMAND_EXECUTION]: The skill uses allowed tools only for standard file operations (Read, Write, Edit) for the purpose of teaching best practices and does not execute dangerous shell commands.
Audit Metadata