Skills
skills/peiiii/nextclaw/node-pnpm-locator/Gen Agent Trust Hub

node-pnpm-locator

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a shell script (locate_node_pnpm.sh) that performs system discovery by checking the PATH environment variable and searching directories such as /opt/homebrew/bin, /usr/local/bin, and NVM version folders in the user's home directory.
  • [DATA_EXPOSURE]: The documentation in SKILL.md contains a hardcoded absolute path from the author's local environment (/Users/peiwang/Projects/...). While this exposes the author's local directory structure, it does not present a security risk to the user executing the skill.
  • [SAFE]: The skill's primary function is environmental troubleshooting. It does not perform network operations, access sensitive credentials, or implement automated persistence without user intervention.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 09:42 PM