nullability-control
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configures project build files to fetch dependencies from reputable organizations including Google (Error Prone), Uber (NullAway), and JSpecify. These tools are well-established in the Java development community and the downloads are documented neutrally as standard configuration steps.
- [COMMAND_EXECUTION]: Provides shell script templates intended for local execution by developers to automate the creation of package-info.java files. These scripts perform standard file system operations using find, cat, and sed to generate boilerplate code and do not access sensitive data or perform unauthorized network requests.
- [REMOTE_CODE_EXECUTION]: Includes instructions for using OpenRewrite, a widely recognized automated refactoring tool, to migrate legacy annotations. The recipes used are standard community-maintained patterns for nullability migration and are fetched from verified repositories.
Audit Metadata