monorepo-management

Pass

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: LOW
NO_CODE
Full Analysis

The SKILL.md file is a comprehensive guide on monorepo management using Turborepo, Nx, and pnpm. It consists entirely of descriptive text, conceptual explanations, and code examples (bash, JSON, YAML, JavaScript, TypeScript) intended for human understanding and manual implementation. There are no instructions for the AI agent to execute any commands, perform network requests, or access the filesystem.

Threat Category Analysis:

  1. Prompt Injection: No patterns indicative of prompt injection were found in SKILL.md or skill-report.json.
  2. Data Exfiltration: The SKILL.md contains examples of npx commands and GitHub Actions that involve external downloads (e.g., npx create-turbo@latest, actions/checkout@v3). These are references to trusted external sources (Vercel, GitHub Actions) and are presented as examples, not active instructions for the agent. References to ~/.pnpm-store and globalDependencies: ["**/.env.*local"] are configuration examples, not exfiltration attempts. Environment variables like GITHUB_TOKEN and NPM_TOKEN are shown in CI/CD examples as placeholders for secrets, not as actual secrets being exfiltrated.
  3. Obfuscation: No obfuscation techniques (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were detected.
  4. Unverifiable Dependencies: The skill references several external tools and GitHub Actions. However, these are presented as examples within documentation and are from well-known, trusted sources (Vercel, Nx, GitHub Actions, Changesets). These are not direct instructions for the agent to install or execute unverified code.
  5. Privilege Escalation: No commands or patterns indicating privilege escalation (e.g., sudo, chmod 777, service installation) were found.
  6. Persistence Mechanisms: No attempts to establish persistence (e.g., modifying shell profiles, creating cron jobs) were detected.
  7. Metadata Poisoning: The metadata in SKILL.md and skill-report.json is clean. The skill-report.json explicitly states that the skill is 'safe' and that any flagged risk_factors are 'FALSE POSITIVES caused by misidentifying bash code examples and JSON schema URLs as security-relevant patterns,' which aligns with this analysis.
  8. Indirect Prompt Injection: The skill is purely informational and does not process external user input, so it is not susceptible to indirect prompt injection.
  9. Time-Delayed / Conditional Attacks: No conditional logic or time-delayed triggers for malicious behavior were found.

Conclusion: The skill is a safe, educational resource. The skill-report.json accurately identifies that the risk_factors are false positives due to the nature of the content being instructional code examples rather than executable commands for the AI. The skill does not contain any active threats or malicious patterns.

Audit Metadata
Risk Level: LOW
Analyzed: Feb 12, 2026, 09:05 PM