ln-710-dependency-upgrader
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard package management and version control commands including
git status,git checkout,npm audit,pip-audit, and various build/test scripts (npm run build,dotnet build,pytest). These operations are consistent with the skill's primary purpose of dependency management. - [EXTERNAL_DOWNLOADS]: The
diagram.htmlfile references the Mermaid.js library from a well-known CDN (jsdelivr.net) to provide visual workflow representations. - [EXTERNAL_DOWNLOADS]: The documentation suggests the installation of
pip-audit, a recognized security tool for scanning Python environments. - [PROMPT_INJECTION]: Analysis of the
Taskdelegation prompt template shows it is used for structured context isolation between sub-agents rather than attempting to bypass safety filters or override system instructions. - [DATA_EXPOSURE]: The skill interacts with standard project files (
package.json,requirements.txt, etc.) and does not access sensitive user directories or hardcoded credentials.
Audit Metadata