update-agent-skills
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of `npx skills update` and `npx skills add` commands. These are standard operations for managing agent extensions and are essential to the skill's primary purpose of keeping tools current.
- [EXTERNAL_DOWNLOADS]: The skill involves downloading content from external repositories (e.g., GitHub) to refresh or install skills. The provided example uses the official GitHub organization, and the process follows standard package management patterns.
- [DATA_EXPOSURE]: The skill reads local configuration files such as `skills-lock.json` and global state files in the user's home directory (e.g., `~/.agents/.skill-lock.json`). This access is strictly limited to the tool's own metadata and is necessary for identifying which skills need updating.
Audit Metadata