components-version-badge
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes benign shell commands such as
find,grep, andjqto determine the project's framework, package manager, and current version. This is used solely for environment-aware component generation. - [SAFE]: The skill generates a local JavaScript utility (
scripts/parse-changelog.mjs) to process the project's changelog. This script uses regular expressions to extract specific version data, providing a layer of sanitization for user-controlled content. The implementation is confined to the project directory and does not perform network requests or access sensitive credentials.
Audit Metadata