maven-dependency-audit
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local CLI commands such as `mvn versions:display-dependency-updates` and `mvn dependency:tree` to gather information about project dependencies and their versions.
- [COMMAND_EXECUTION]: Includes administrative commands like `mvn versions:use-latest-releases` and `mvn versions:use-latest-snapshots` which perform local file-write operations to update dependency versions in the project's `pom.xml` file.
- [EXTERNAL_DOWNLOADS]: Recommends the use of the `org.owasp:dependency-check-maven` plugin. This tool and its necessary vulnerability databases are downloaded from official Maven Central repositories and OWASP's established domains, which are well-known and trusted security sources.
Audit Metadata