skills/knoopx/pi/knip/Gen Agent Trust Hub

knip

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill uses bunx knip, which downloads the 'knip' package from the npm registry (registry.npmjs.org) if it is not present. While this is a common development practice, it involves the execution of remote code.
  • [COMMAND_EXECUTION] (LOW): The skill generates commands to be executed in the shell using bunx. These commands are standard for the tool's purpose and do not show signs of malicious intent.
  • [Indirect Prompt Injection] (LOW): The tool's core function is to analyze local project source code and configuration files. While this represents a data ingestion surface for untrusted external content (the codebase being analyzed), the risk is mitigated by the tool's specific focus on dependency and export analysis rather than open-ended instruction following.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 06:45 PM