audit-dependency-versions

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash to execute standard package manager CLI tools such as npm, pip, cargo, and Rscript. These commands are limited to the intended auditing and inspection functionality.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to well-known technology registries like the npm registry, PyPI, and CRAN to fetch current version data and security advisories. These sources are considered trusted and official for dependency management.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection via the processing of untrusted project data.
    • Ingestion points: Data enters the agent's context from manifest files (e.g., package.json, requirements.txt, Cargo.toml) and tool outputs.
    • Boundary markers: No specific delimiters or instructions are used to differentiate project metadata from potentially malicious commands embedded within the data.
    • Capability inventory: The skill utilizes Bash, Read, Grep, and Glob, which provide a capability surface for the agent if it were to obey instructions found in project files.
    • Sanitization: The skill does not explicitly sanitize package names or descriptions before they are returned to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 10:51 PM