deps-audit
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes official and standard package manager CLI tools (npm, pnpm, yarn) to conduct security audits and check for outdated packages, which is an expected and safe practice.
- [SAFE]: Data access is confined to reading local project manifests (e.g., package.json, lock files) and scanning source code for import statements to identify unused packages, aligning with the skill's stated purpose.
- [SAFE]: No evidence of malicious patterns such as prompt injection, data exfiltration, obfuscation, or persistence mechanisms was found.
- [SAFE]: The skill encourages security best practices, including prioritizing critical vulnerability fixes and reviewing changelogs for breaking changes before performing major version upgrades.
Audit Metadata