modernize
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill performs bulk dependency upgrades using 'npm update', 'pip install --upgrade', and 'go get -u'. This pulls large amounts of third-party code from public repositories into the local environment without a specific verification step for each package.
- REMOTE_CODE_EXECUTION (HIGH): The skill uses 'npx npm-check-updates', which fetches and executes code from the npm registry. Bulk dependency upgrades also risk executing malicious post-install scripts or introducing compromised code into the build process.
- PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8) during the 'Fix Breaking Changes' phase.
  1. Ingestion points: It processes 'package.json', test results ('.modernize/post-upgrade-test-results.txt'), and runtime/compilation error logs to guide fixes.
  2. Boundary markers: Absent; error output is treated as trusted guidance for code modification.
  3. Capability inventory: File system write access, bulk package installation, and shell execution via 'npm test' and 'npm run build'.
  4. Sanitization: No sanitization or validation of error messages is performed before they are interpreted by the agent for code generation.
- COMMAND_EXECUTION (MEDIUM): The skill executes multiple shell commands ('cat', 'diff', 'npm', 'go', 'cargo'). If filenames or project-specific strings in the project's metadata or code are maliciously crafted, they could influence how these commands are executed.
Recommendations
- AI detected serious security threats
Audit Metadata