nodejs-version-setup
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands (e.g., `nvm install`, `asdf install nodejs <version>`, `volta install node@<version>`) based on data retrieved from the local filesystem.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through repository configuration files.
  - Ingestion points: SKILL.md (Instruction 1) specifies reading version data from `.nvmrc`, `.node-version`, and `package.json`.
  - Boundary markers: No boundary markers or instructions are provided to treat the version strings as untrusted data or to ignore embedded shell control characters.
  - Capability inventory: The skill allows shell command execution across various version managers as defined in Instruction 3 of SKILL.md.
  - Sanitization: There is no requirement for the agent to validate or sanitize the version string (e.g., verifying it is a valid SemVer) before interpolating it into a shell command, which could allow for command injection if an attacker-controlled file contains malicious strings like `18; rm -rf /`.
Audit Metadata