Skills
skills/canhta/deliverable/deliverable-upgrade/Gen Agent Trust Hub

deliverable-upgrade

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands to detect the installation environment (checking for directory paths) and to perform the upgrade (using git rev-parse, git pull, and git fetch).
  • [EXTERNAL_DOWNLOADS]: The skill fetches version metadata and source code from the author's GitHub repository (github.com/canhta/deliverable). These are legitimate vendor resources used for the stated purpose of software updates.
  • [REMOTE_CODE_EXECUTION]: The skill uses npx skills add and git clone to update its own components. Since these resources originate from the vendor's own infrastructure, this is considered standard functional behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 08:56 AM