code-dep-audit

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the ! command syntax to execute find at skill load time. This discovery step is used solely to identify package manifest files (e.g., package.json, Cargo.toml) within the project to provide context for the agent.
  • [COMMAND_EXECUTION]: Executes standard dependency audit commands including npm audit, pip-audit, cargo audit, and go list. These are recognized development tools used for identifying security vulnerabilities and maintenance needs.
  • [EXTERNAL_DOWNLOADS]: Utilizes npx to dynamically download and execute the license-checker package from the npm registry. This is a common and legitimate practice for running audit utilities without permanent local installation.
  • [COMMAND_EXECUTION]: Includes automated remediation steps such as npm audit fix, cargo update, and pip install --upgrade. These commands are standard for applying security patches to project dependencies.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 01:24 PM