npm
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): Both README.md and SKILL.md contain only instructional text and metadata. There are no scripts (.js, .py, .sh), configuration files, or binaries included in the skill.
- [COMMAND_EXECUTION] (LOW): The skill suggests using the 'yes' command piped into 'npm install' to bypass interactive prompts. While this method automates the execution of external package scripts without user confirmation, it is a standard automation technique and is described here for legitimate functional purposes in non-interactive shells.
Audit Metadata