nix-packaging-best-practices

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Full Analysis
  • [SAFE] (SAFE): The skill is purely educational and instructional, consisting of Markdown files that guide a user or agent through the process of Nix packaging. No malicious logic or scripts were detected.
  • [EXTERNAL_DOWNLOADS] (SAFE): While the skill discusses methods for downloading software (such as fetchurl, wget, and curl), these are standard practices in software packaging. All external links provided point to official NixOS documentation, trusted GitHub repositories, or standard software update sites (e.g., Microsoft VS Code).
  • [COMMAND_EXECUTION] (SAFE): The skill provides examples of shell commands used for extraction (tar, ar, unzip) and debugging (ldd, nix-locate). These are standard utilities used within the context of a build environment and do not pose a security threat.
  • [FALSE_POSITIVE_ALERT] (SAFE): The automated scanner alert for 'libX11.so' is a false positive. 'libX11.so.6' is a core system library for the X Window System, frequently referenced in this skill as a dependency mapping example, and is not a malicious URL.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 06:25 PM