Dependency Updater
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill installs third-party packages from external registries using npm and pnpm. This is inherent to its primary purpose as a dependency updater.
- COMMAND_EXECUTION (LOW): The skill executes shell commands to manage packages and run validation tests via the Bash tool.
- PROMPT_INJECTION (LOW): There is a risk of indirect prompt injection (Category 8c).
  1. Ingestion points: The skill uses WebSearch and WebFetch to read external changelogs and release notes.
  2. Boundary markers: Absent; there are no specific instructions or delimiters used to separate untrusted web content from agent instructions.
  3. Capability inventory: The skill has Bash, Write, and Edit permissions across subagents (developer, architect), allowing file modification or command execution based on researched data.
  4. Sanitization: No validation or sanitization of web content is performed before it is processed by the research subagent.
Audit Metadata