monorepo-navigator
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and local scripts for monorepo analysis. All operations are local to the repository being analyzed and follow industry best practices for monorepo management.
- [COMMAND_EXECUTION]: Includes a documented helper script (
gen-dep-graph.js) that usesexecSyncto runpnpm ls. This is a legitimate use for gathering workspace information in a monorepo environment, and the script is provided as a transparent code snippet in the documentation. - [DATA_EXFILTRATION]: No sensitive file access or network exfiltration patterns were found. All analyzed scripts and instructions operate only on project metadata (such as package.json and pnpm-workspace.yaml).
Audit Metadata