build-agent-js

Enhances web app development with JavaScript/TypeScript conventions, ensuring type safety and adherence to web standards.

Security score: 48/100

The build-agent-js skill was audited on May 24, 2026 and we found 12 security issues across 4 threat categories, including 1 critical. Review the findings below before installing.

Security Issues

critical line 789

Eval function call - arbitrary code execution

Source: SKILL.md
789: - **eval() usage** (`eval()` or `Function()` constructor without documented justification)
medium line 214

Template literal with variable interpolation in command context

Source: SKILL.md
214: const response = await fetch(`/api/users/${userId}`);
medium line 255

Template literal with variable interpolation in command context

Source: SKILL.md
255: const response = await fetch(`/api/users/${userId}`);
medium line 329

Template literal with variable interpolation in command context

Source: SKILL.md
329: const res = await fetch(`https://api.example.com/users/${id}`, {
low line 292

Fetch to external URL

Source: SKILL.md
292: const response = await fetch('/api/auth/login', {
low line 430

Fetch to external URL

Source: SKILL.md
430: const response = await fetch('/api/users');
low line 441

Fetch to external URL

Source: SKILL.md
441: const response = await fetch('/api/users', {
medium line 546

Access to .env file

Source: SKILL.md
546: - Use environment variables (never commit `.env` files)
low line 550

Access to .env file

Source: SKILL.md
550: // .env.example (commit this)
low line 556

Access to .env file

Source: SKILL.md
556: databaseUrl: process.env.DATABASE_URL!,
low line 557

Access to .env file

Source: SKILL.md
557: jwtSecret: process.env.JWT_SECRET!,
low line 329

External URL reference

Source: SKILL.md
329: const res = await fetch(`https://api.example.com/users/${id}`, {
Scanned on May 24, 2026