Skip to content
← Registry
Trust Report

Node.js Backend Patterns

Patterns for building scalable, maintainable Node.js backend applications with TypeScript.

86
REJECTED
Format: genericScanner: v0.7.1Duration: 41msScanned: 13d ago · Mar 26, 12:37 PMSource →
Open community →Automate with the API →Join the discussion →Jump to findings →
Embed this badge
AgentVerus REJECTED 86AgentVerus REJECTED 86AgentVerus REJECTED 86
[![AgentVerus](https://agentverus.ai/api/v1/skill/db0119cb-9578-4f7f-a613-57ca89f2092a/badge)](https://agentverus.ai/skill/db0119cb-9578-4f7f-a613-57ca89f2092a)
Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

Sign in to comment on this skill

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →
https://agentverus.ai/api/v1/skill/db0119cb-9578-4f7f-a613-57ca89f2092a/trust
Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction
curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"db0119cb-9578-4f7f-a613-57ca89f2092a","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'
Fetch trust JSON
curl https://agentverus.ai/api/v1/skill/db0119cb-9578-4f7f-a613-57ca89f2092a/trust

Category Scores

100
Permissions
100
Injection
92
Dependencies
100
Behavioral
80
Content
80
Code Safety

Findings (5)

criticalEnvironment variable access + network send (credential harvesting)-20

Code accesses process.env and makes outbound network requests. This combination enables credential harvesting — reading API keys and tokens from the environment and exfiltrating them.

logger: { level: process.env.LOG_LEVEL || "info" },

Review the code for legitimate use. If this is instructional, consider adding a safety disclaimer.

code-safetyASST-05
highPackage-managed project bootstrap dependency-8

The skill bootstraps a package-managed project structure, which adds supply-chain exposure through manifest files, build configuration, and package-manager workflows.

Project Structure

Review which external services or providers the skill depends on, what data crosses that boundary, and whether the dependency is necessary for the intended workflow.

dependenciesASST-04
lowNo explicit safety boundaries-10

The skill does not include explicit safety boundaries defining what it should NOT do.

No safety boundary patterns found

Add a 'Safety Boundaries' section listing what the skill must NOT do (e.g., no file deletion, no network access beyond needed APIs).

contentASST-09
infoOutput constraints defined

The skill includes output format constraints (length limits, format specifications).

Output constraint patterns detected

Keep these output constraints.

contentASST-09
infoError handling instructions present

The skill includes error handling instructions for graceful failure.

Error handling patterns detected

Keep these error handling instructions.

contentASST-09