pnpm
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as an educational and reference resource for using the pnpm package manager. All code snippets and configurations provided follow industry best practices for Node.js development.
- [COMMAND_EXECUTION]: The documentation describes standard pnpm CLI commands such as `pnpm install`, `pnpm add`, and `pnpm patch`. These are the primary functions of the tool and are documented for legitimate developer use.
- [EXTERNAL_DOWNLOADS]: References to external resources point exclusively to well-known and trusted entities, including official pnpm documentation (pnpm.io), GitHub repositories of the tool and the author (antfu), and the public npm registry (npmjs.org).
- [CREDENTIALS_SAFE]: While the skill demonstrates how to configure authentication in `.npmrc` files, it correctly uses environment variable placeholders (e.g., `${NPM_TOKEN}`) rather than hardcoding sensitive secrets.
Audit Metadata