knip-dead-code
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates the use of 'knip', a widely-used open-source utility for static analysis of JavaScript and TypeScript projects.
- [SAFE]: Dependencies are managed via 'bun', a standard industry package manager and runtime.
- [SAFE]: External references are restricted to official documentation (knip.dev) and reputable content delivery networks (unpkg.com) for configuration schemas.
- [SAFE]: No evidence of command injection, credential theft, or unauthorized network activity was found.
- [SAFE]: The skill exhibits a surface for indirect prompt injection as it processes local project files and possesses file-writing and command-execution capabilities; however, this is inherent to its intended function as a code maintenance tool and represents a low risk in this context.
Audit Metadata