npm-pkg-config
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The
package.mdfile includes a command to fetch a standard Node.js.gitignorefrom GitHub's official repository. As GitHub is a trusted external source and the content is a non-executable configuration file, this is considered safe practice. - [COMMAND_EXECUTION] (SAFE): Several files contain shell commands for package management (
pnpm add,pnpm dlx) and environment setup. These are standard development workflows and do not involve untrusted input or risky execution patterns.
Audit Metadata