dependabot-pnpm
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes project-defined scripts such as pnpm build, pnpm test, and pnpm lint to establish a baseline and validate dependency fixes. If these scripts are defined in a malicious repository, they could execute arbitrary code on the host system.
- [PROMPT_INJECTION]: The skill ingests untrusted data from the GitHub API (Dependabot alerts), creating an attack surface for indirect prompt injection. Malicious content in an alert description could attempt to manipulate the agent's logic.
- Ingestion points: gh api calls in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: Shell command execution (pnpm, gh) and file system modification (package.json, log creation).
- Sanitization: Absent.
Audit Metadata