security-updates

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard package management and version control commands including composer audit, composer update, and git to maintain the codebase.
  • [COMMAND_EXECUTION]: A shell pipeline uses command substitution with a Python one-liner to parse JSON output from composer audit. This automates the extraction of vulnerable package names for bulk patching while staying within the specified composer.json constraints.
  • [SAFE]: The instructions explicitly forbid updating packages on protected branches and require the creation of a dedicated security branch, reducing the risk of accidental deployment of unstable updates.
  • [SAFE]: Data ingestion from composer audit is handled via structured JSON parsing (Python's json module) rather than regex or unsafe string evaluation, minimizing the risk that malformed or attacker-influenced audit data (for example an advisory title containing shell metacharacters) is misinterpreted.
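The pipeline and the branch guard described in the two findings above, as an added example written for this page rather than the audited skill's own code. It assumes the `composer audit --format=json` output shape is an `advisories` object keyed by package name (composer emits an empty list when there are no advisories, which is handled), that "protected branches" means `main` and `master`, and that `composer update --with-dependencies <packages>` is the scoped update the skill runs; the audit JSON is constructed sample data, so the block runs offline.

```bash
#!/usr/bin/env sh
# Added example (not the audited skill's code). Parses constructed
# `composer audit --format=json` output with a Python one-liner, refuses to
# run on a protected branch, and builds a scoped `composer update` that still
# honours the version constraints in composer.json.
set -u

# Constructed sample in the assumed shape of `composer audit --format=json`:
# "advisories" maps package name -> list of advisories. No real IDs or CVEs.
SAMPLE_AUDIT_JSON='{
  "advisories": {
    "vendor/beta":  [{"title": "constructed advisory B", "affectedVersions": "<2.1.1"},
                     {"title": "constructed advisory C", "affectedVersions": "<2.0.4"}],
    "vendor/alpha": [{"title": "constructed advisory A; rm -rf /", "affectedVersions": "<1.2.3"}]
  },
  "abandoned": []
}'

# Read audit JSON on stdin, print one vulnerable package name per line
# (sorted, de-duplicated). json.load is used instead of regex/eval so odd
# characters in advisory titles cannot confuse the parser or the shell.
vulnerable_packages() {
  python3 -c '
import json, sys
data = json.load(sys.stdin)
advisories = data.get("advisories") or {}
# composer prints [] (not {}) when nothing is vulnerable; treat both as empty.
names = sorted(set(advisories)) if isinstance(advisories, dict) else []
for name in names:
    print(name)
'
}

# Protected-branch guard. The audited skill forbids updating on protected
# branches; which names count as protected is assumed here (main, master).
is_protected_branch() {
  case "$1" in
    main|master) return 0 ;;
    *) return 1 ;;
  esac
}

# Build the scoped update command from audit JSON passed as $1.
# `composer update <pkgs>` re-resolves only the named packages (plus their
# dependencies with --with-dependencies) and stays inside composer.json
# constraints, so a security bump cannot silently cross a major version.
build_update_command() {
  pkgs="$(printf '%s' "$1" | vulnerable_packages)"
  if [ -z "$pkgs" ]; then
    echo "composer audit reported no vulnerable packages" >&2
    return 1
  fi
  # Package names contain no whitespace, so word-splitting them is safe here.
  # shellcheck disable=SC2086
  set -- $pkgs
  printf 'composer update --with-dependencies %s\n' "$*"
}

# Top-level plan: $1 = current branch name, $2 = audit JSON. Prints the
# update command, or fails if the branch is protected or nothing is vulnerable.
plan_security_update() {
  branch="$1"
  audit_json="$2"
  if is_protected_branch "$branch"; then
    echo "refusing to update on protected branch '$branch'; create a security branch first" >&2
    return 2
  fi
  build_update_command "$audit_json"
}

# Demo run on the constructed sample (branch name supplied explicitly so no
# git repository is required).
plan_security_update "security/composer-audit" "$SAMPLE_AUDIT_JSON"
```

In the real skill the branch name would come from `git rev-parse --abbrev-ref HEAD` and the JSON from `composer audit --format=json`; the guard and parser stay the same. Note that the injected-looking title in the sample never reaches the shell: only the dictionary keys (package names) are printed.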
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:00 PM