update-dependencies
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructs the agent to install and execute third-party utilities such as
npm-check-updates,cargo-audit, andpip-audit. These are standard tools for dependency management but involve the execution of code from remote package registries. Additionally,scripts/analyze.tsis referenced in the documentation but was not provided in the analyzed bundle. - COMMAND_EXECUTION (SAFE): The skill executes shell commands for package managers (npm, bun, pnpm, uv, poetry, cargo) and Git/GitHub CLI operations. These commands are consistent with the skill's primary purpose and do not show signs of malicious intent.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it fetches and processes external release notes and changelogs to perform risk assessments.
- Ingestion points: Fetches external metadata and changelog content via
gh apiandnpm viewfrom remote repositories. - Boundary markers: Absent. The instructions do not provide delimiters or specific ignore-rules for the agent when processing external text.
- Capability inventory: High-impact capabilities including arbitrary shell execution for package updates, test execution, and automated PR creation.
- Sanitization: None detected. External changelog text is ingested and summarized directly by the agent without prior filtering or sanitization.
Audit Metadata