build-langchain-ts-app
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides developer documentation and helper scripts for building LangChain TypeScript applications. All activities are consistent with its stated educational and utility purpose.
- [EXTERNAL_DOWNLOADS]: Fetches a sample database from Google Cloud Storage (
storage.googleapis.com) for a Chinook database demo. This is a well-known service and the download is documented for standard application setup. - [PROMPT_INJECTION]: A static analysis warning was triggered by references to "ignore previous instructions" in the MCP provider documentation. This is a false positive; the text provides security guidance to users on how to detect and prevent prompt injection in their own agents.
- [COMMAND_EXECUTION]: The skill includes shell scripts for auditing project dependencies (
check-langchain-versions.sh) and creating project templates (scaffold-createagent-app.sh). These scripts interact with the local filesystem and package configuration files as expected for developer tools.
Audit Metadata