Skills
skills/capawesome-team/skills/capacitor-app-upgrades/Gen Agent Trust Hub

capacitor-app-upgrades

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill updates the Gradle wrapper distribution URL to official versions from services.gradle.org. This is a well-known service for Android development resources.
  • [COMMAND_EXECUTION]: The instructions involve running standard Node.js and Capacitor CLI commands like npm install, npx cap migrate, and npx cap sync to manage project dependencies and configurations.
  • [DATA_EXPOSURE]: The skill reads the package.json file to identify the current version of the project. This is a standard and necessary step for the upgrade process.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes project data (specifically package.json) to determine the upgrade path. While this involves reading potentially untrusted local files, the usage is restricted to version detection and does not expose high-risk attack surfaces.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 09:44 PM