anthropic-sdk-upgrader
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Command Execution: The skill utilizes standard shell commands such as
npm install,npm run compile,diff, andgrepto perform the upgrade process, verify the build, and identify changes in type definitions. These operations are performed within the scope of the skill's intended development workflow. - External Resource Access: The instructions reference official release notes on GitHub and utilize the npm registry for package installation. These interactions target well-known platforms and repositories belonging to trusted organizations.
- File System Operations: To detect API surface changes, the skill creates temporary snapshots of type definitions in the
/tmpdirectory. This allows for a controlled comparison between versions and is a standard procedure for auditing SDK updates. - Information Processing Surface: The skill is designed to ingest and summarize external release notes from GitHub. While this involves processing third-party content, it is a necessary step for the upgrade procedure and follows standard patterns for agent-based development assistance.
Audit Metadata