dependency-updater
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill encourages the installation and use of tools like 'taze', 'pip-review', and 'cargo-audit' from GitHub repositories and package registries that are not included in the 'Trusted External Sources' list provided in the security skill instructions.
- COMMAND_EXECUTION (MEDIUM): The script 'scripts/run-taze.sh' executes external tools with arbitrary arguments provided by the agent or user. Furthermore, the 'Nuclear Reset' instructions in the README involve potentially destructive commands like 'rm -rf' on directories, which could lead to significant data loss if executed without proper validation or human oversight.
- PROMPT_INJECTION (LOW): The skill possesses a surface for indirect prompt injection (Category 8).
  1. Ingestion points: Project manifests such as package.json and requirements.txt are read from the workspace.
  2. Boundary markers: None are implemented to distinguish between package data and instructions.
  3. Capability inventory: The skill can execute various package manager commands and shell scripts.
  4. Sanitization: There is no evidence of sanitization for strings extracted from package files before they are presented to the agent or passed to execution tools.