Laravel Package Specialist
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the cloning and updating of Laravel Nova packages from GitHub repositories (e.g., https://github.com/hackur/nova-menus). These repositories are owned by the author (hackur) and represent legitimate vendor resources required for the skill's stated purpose of package management.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute local maintenance scripts (e.g., ./scripts/dev.sh) for tasks such as listing, cloning, and building packages. These operations are performed within the local development environment as part of a standard developer workflow.
- [REMOTE_CODE_EXECUTION]: While the skill involves downloading code from GitHub via git clone, these operations are restricted to repositories controlled by the vendor. No unauthenticated or arbitrary remote code execution patterns, such as piping remote content directly to a shell, were identified.
Audit Metadata