deps-minor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns or security risks were detected. The skill's implementation is straightforward and matches its stated purpose.
- COMMAND_EXECUTION (SAFE): The skill executes standard development commands (
npm install,npm run test,npm run build) via shell scripts. These commands are necessary for validating dependency updates and are protected by automated rollback logic and backup procedures. - EXTERNAL_DOWNLOADS (SAFE): The skill utilizes
npxandnpmto interact with the official npm registry. This activity is the core function of the skill and is confined to trusted package management infrastructure. - DATA_EXPOSURE (SAFE): The skill only accesses and modifies project-specific configuration files (
package.json,package-lock.json). It does not attempt to access sensitive system files, environment variables, or user credentials.
Audit Metadata