dbskill-upgrade
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several shell commands to manage the upgrade process:
- Detects existing installation directories within the user's home folder (
$HOME/.claude/skills/). - Manages file system operations including directory creation (
mkdir), file copying (cp -r), and removal (rm -rf) to facilitate backups and version replacement. - Uses
mktempto create a secure temporary workspace for downloading updates. - [EXTERNAL_DOWNLOADS]: The skill performs network operations to the author's GitHub infrastructure:
- Uses
curlto retrieve the latest version string fromraw.githubusercontent.com/dontbesilent2025/dbskill/main/VERSION. - Uses
git cloneto download the updated source code fromgithub.com/dontbesilent2025/dbskill.git. - [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill accesses the local file system and performs network requests, these actions are limited to checking version files and downloading updates from the official vendor repository. No sensitive data access or transmission to third-party domains was detected.
Audit Metadata